Malware Detection Using Attribute-Automata to Parse Abstract Behavioral Descriptions

Executive Summary

Most behavioral detectors of malware remain specific to a given language and platform, mostly PE executables for Windows. The objective of this paper is to define a generic approach for behavioral detection based on two layers, responsible respectively for abstraction and detection. The first layer, the abstraction layer, remains specific to a platform and a language. It interprets the collected instructions, API calls and arguments, and classifies these operations, as well as the objects involved, according to their purpose in the malware lifecycle.

  • Format: PDF
  • Size: 630.55 KB