Conference Topic

A Static Method for Detection of Information Theft Malware

Existing techniques for detecting information theft malware that are based on behavior semantics have two main shortcomings: low path coverage and an inability to find hidden malicious behaviors. In this paper we propose a static method for the detection of information theft malware that overcomes these shortcomings. It is particularly efficient for inter-procedure taint analysis, and it is suitable for detecting complicated malware such as Trojans and bots. Because it is static, it is able to find hidden malicious behaviors. We also present an implementation of our method that works on x86 executables, and a set of experimental studies validates its good efficiency and effectiveness.

malware detection; information theft; taint analysis; pushdown system

JiaJing Li, Tao Wei, Wei Zou, Jian Mao

Key Laboratory of Network and Software Security Assurance, Peking University, Ministry of Education; Department of Electronic and Information Engineering, BeiHang University, Beijing 10083, China

International conference

Second International Symposium on Electronic Commerce and Security (ISECS 2009)

Nanchang

English

236-240

2009-05-22 (date first posted online on the Wanfang platform; not the paper's publication date)