التفاصيل البيبلوغرافية
| العنوان: |
Evaluating model checking for cyber threats code obfuscation identification. |
| المؤلفون: |
Martinelli, Fabio1 fabio.martinelli@iit.cnr.it, Mercaldo, Francesco1 francesco.mercaldo@iit.cnr.it, Nardone, Vittoria2 vnardone@unisannio.it, Santone, Antonella3 antonella.santone@unimol.it, Sangaiah, Arun Kumar4 arunkumarsangaiah@gmail.com, Cimitile, Aniello2 cimitile@unisannio.it |
| المصدر: |
Journal of Parallel & Distributed Computing. Sep2018, Vol. 119, p203-218. 16p. |
| مصطلحات موضوعية: |
*CYBERTERRORISM, *COMPUTER programming, *COMPUTER engineering, *SET theory, *INTELLECTUAL property |
| مستخلص: |
Code obfuscation is a set of transformations that make code programs harder to understand. The goal of code obfuscation is to make reverse engineering of programs infeasible, while maintaining the logic on the program. Originally, it has been used to protect intellectual property. However, recently code obfuscation has been also used by malware writers in order to make cyber threats easily able to evade antimalware scanners. As a matter of fact, metamorphic and polymorphic viruses exhibit the ability to obfuscate their code as they propagate. In this paper we propose a model checking-based approach which is able to identify the most widespread obfuscating techniques, without making any assumptions about the nature of the obfuscations used. We evaluate the proposed method on a real-world dataset obtaining an accuracy equal to 0.9 in the identification of obfuscation techniques. [ABSTRACT FROM AUTHOR] |
| قاعدة البيانات: |
Academic Search Index |
