Loading [a11y]/accessibility-menu.js
Sandboxing and reasoning on malware infection trees | IEEE Conference Publication | IEEE Xplore

Sandboxing and reasoning on malware infection trees


Abstract:

Malware infection trees are computational structures for analyzing and identifying different processes and files during the execution of malware. In this paper, we descri...Show More

Abstract:

Malware infection trees are computational structures for analyzing and identifying different processes and files during the execution of malware. In this paper, we describe a sandboxing-based formalization to predict malware behaviors such as the possibility of file and process creation. Model checking is used as a querying mechanism on a labeled transition system representing a malware infection tree. We evaluate computational feasibility of our formalism using a case study on Backdoor.WIN32.Poison malware and behavior specified by malware infection trees.
Date of Conference: 20-22 October 2015
Date Added to IEEE Xplore: 25 February 2016
ISBN Information:
Conference Location: Fajardo, PR, USA

References

References is not available for this document.