FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W9976069> ?p ?o ?g. }

• W9976069 endingPage "433" @default.
• W9976069 startingPage "418" @default.
• W9976069 abstract "Over the past decade, malware costs more than $10 billion every year and the cost is still increasing. Classical signature-based and emulation-based methods are becoming insufficient, since malware writers can easily obfuscate existing malware such that new variants cannot be detected by these methods. Thus, it is important to have more robust techniques for malware detection. In our previous work [24], we proposed to use model-checking to identify malware. We used pushdown systems (PDSs) to model the program (this allows to keep track of the program’s stack behavior), and we defined the SCTPL logic to specify the malicious behaviors, where SCTPL can be seen as an extension of the branching-time temporal logic CTL with variables, quantifiers, and predicates over the stack. Malware detection was then reduced to SCTPL model-checking of PDSs. However, in our previous work [24], the way we used SCTPL to specify malicious behaviors was not very precise. Indeed, we used the names of the registers and memory locations instead of their values. We show in this work how to sidestep this limitation and use precise SCTPL formulas that consider the values of the registers and memory locations to specify malware. Moreover, to make the detection procedure more efficient, we propose an abstraction that reduces drastically the size of the program model, and show that this abstraction preserves all SCTPL∖X formulas, where SCTPL∖X is a fragment of SCTPL that is sufficient to precisely characterize malware specifications. We implemented our techniques in a tool and applied it to automatically detect several malwares. The experimental results are encouraging." @default.
• W9976069 created "2016-06-24" @default.
• W9976069 creator A5027425633 @default.
• W9976069 creator A5044579457 @default.
• W9976069 date "2012-01-01" @default.
• W9976069 modified "2023-10-18" @default.
• W9976069 title "Efficient Malware Detection Using Model-Checking" @default.
• W9976069 cites W1514446453 @default.
• W9976069 cites W1544225867 @default.
• W9976069 cites W1594012544 @default.
• W9976069 cites W1775362121 @default.
• W9976069 cites W1973861505 @default.
• W9976069 cites W2114193033 @default.
• W9976069 cites W2131523719 @default.
• W9976069 cites W2142368292 @default.
• W9976069 cites W2158167094 @default.
• W9976069 cites W2169889002 @default.
• W9976069 cites W2226594342 @default.
• W9976069 cites W2247654784 @default.
• W9976069 cites W9976069 @default.
• W9976069 doi "https://doi.org/10.1007/978-3-642-32759-9_34" @default.
• W9976069 hasPublicationYear "2012" @default.
• W9976069 type Work @default.
• W9976069 sameAs 9976069 @default.
• W9976069 citedByCount "42" @default.
• W9976069 countsByYear W99760692012 @default.
• W9976069 countsByYear W99760692013 @default.
• W9976069 countsByYear W99760692014 @default.
• W9976069 countsByYear W99760692015 @default.
• W9976069 countsByYear W99760692016 @default.
• W9976069 countsByYear W99760692017 @default.
• W9976069 countsByYear W99760692018 @default.
• W9976069 countsByYear W99760692019 @default.
• W9976069 countsByYear W99760692020 @default.
• W9976069 countsByYear W99760692021 @default.
• W9976069 countsByYear W99760692022 @default.
• W9976069 crossrefType "book-chapter" @default.
• W9976069 hasAuthorship W9976069A5027425633 @default.
• W9976069 hasAuthorship W9976069A5044579457 @default.
• W9976069 hasConcept C110251889 @default.
• W9976069 hasConcept C111472728 @default.
• W9976069 hasConcept C111919701 @default.
• W9976069 hasConcept C124304363 @default.
• W9976069 hasConcept C138885662 @default.
• W9976069 hasConcept C149810388 @default.
• W9976069 hasConcept C162324750 @default.
• W9976069 hasConcept C199360897 @default.
• W9976069 hasConcept C25016198 @default.
• W9976069 hasConcept C2779395397 @default.
• W9976069 hasConcept C41008148 @default.
• W9976069 hasConcept C50522688 @default.
• W9976069 hasConcept C541664917 @default.
• W9976069 hasConcept C80444323 @default.
• W9976069 hasConceptScore W9976069C110251889 @default.
• W9976069 hasConceptScore W9976069C111472728 @default.
• W9976069 hasConceptScore W9976069C111919701 @default.
• W9976069 hasConceptScore W9976069C124304363 @default.
• W9976069 hasConceptScore W9976069C138885662 @default.
• W9976069 hasConceptScore W9976069C149810388 @default.
• W9976069 hasConceptScore W9976069C162324750 @default.
• W9976069 hasConceptScore W9976069C199360897 @default.
• W9976069 hasConceptScore W9976069C25016198 @default.
• W9976069 hasConceptScore W9976069C2779395397 @default.
• W9976069 hasConceptScore W9976069C41008148 @default.
• W9976069 hasConceptScore W9976069C50522688 @default.
• W9976069 hasConceptScore W9976069C541664917 @default.
• W9976069 hasConceptScore W9976069C80444323 @default.
• W9976069 hasLocation W99760691 @default.
• W9976069 hasOpenAccess W9976069 @default.
• W9976069 hasPrimaryLocation W99760691 @default.
• W9976069 hasRelatedWork W131049964 @default.
• W9976069 hasRelatedWork W1511304587 @default.
• W9976069 hasRelatedWork W1572578464 @default.
• W9976069 hasRelatedWork W1589294645 @default.
• W9976069 hasRelatedWork W1970984476 @default.
• W9976069 hasRelatedWork W1976379542 @default.
• W9976069 hasRelatedWork W22602486 @default.
• W9976069 hasRelatedWork W2380536301 @default.
• W9976069 hasRelatedWork W3017054987 @default.
• W9976069 hasRelatedWork W9976069 @default.
• W9976069 isParatext "false" @default.
• W9976069 isRetracted "false" @default.
• W9976069 magId "9976069" @default.
• W9976069 workType "book-chapter" @default.