Using Verification Technology to Specify and Detect Malware

Andreas Holzer, Johannes Kinder, Helmut Veith

Research output: Chapter in Book/Report/Conference proceedingConference contribution

63 Downloads (Pure)


Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.
Original languageEnglish
Title of host publication11th Int. Conf. Computer Aided Systems Theory (Eurocast 2007), Revised Selected Papers
Publication statusPublished - Feb 2007

Cite this