Using Verification Technology to Specify and Detect Malware

Andreas Holzer; Johannes Kinder; Helmut Veith

doi:10.1007/978-3-540-75867-9_63

Using Verification Technology to Specify and Detect Malware

Andreas Holzer, Johannes Kinder, Helmut Veith

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

59 Downloads (Pure)

Abstract

Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.

Original language	English
Title of host publication	11th Int. Conf. Computer Aided Systems Theory (Eurocast 2007), Revised Selected Papers
Publisher	Springer
Pages	497-504
DOIs	https://doi.org/10.1007/978-3-540-75867-9_63
Publication status	Published - Feb 2007

Access to Document

10.1007/978-3-540-75867-9_63

eurocast07Accepted author manuscript, 80.8 KB

Cite this

@inproceedings{c17cd4a021c6432b8db8ad4397c817ce,

title = "Using Verification Technology to Specify and Detect Malware",

abstract = "Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.",

author = "Andreas Holzer and Johannes Kinder and Helmut Veith",

year = "2007",

month = feb,

doi = "10.1007/978-3-540-75867-9_63",

language = "English",

pages = "497--504",

booktitle = "11th Int. Conf. Computer Aided Systems Theory (Eurocast 2007), Revised Selected Papers",

publisher = "Springer",

}

TY - GEN

T1 - Using Verification Technology to Specify and Detect Malware

AU - Holzer, Andreas

AU - Kinder, Johannes

AU - Veith, Helmut

PY - 2007/2

Y1 - 2007/2

N2 - Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.

AB - Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.

U2 - 10.1007/978-3-540-75867-9_63

DO - 10.1007/978-3-540-75867-9_63

M3 - Conference contribution

SP - 497

EP - 504

BT - 11th Int. Conf. Computer Aided Systems Theory (Eurocast 2007), Revised Selected Papers

PB - Springer

ER -