#Finite state automata malware code
Phase semantics precisely models the metamorphic code behavior by providing a set of traces of programs which correspond to the possible evolutions of the metamorphic code during execution. We introduce a semantics for self-modifying code, later called phase semantics, and prove its correctness by showing that it is an abstract interpretation of the standard trace semantics. In this paper we consider the problem of automatically extract metamorphic signatures from these malware. We show that metamorphic signatures can be automatically extracted by abstract interpretation of the phase semantics, and that regular metamorphism can be modelled as finite state automata abstraction of the phase semantics.ĪB - Metamorphic malware apply semantics-preserving transformations to their own code in order to foil detection systems based on signature matching.
N2 - Metamorphic malware apply semantics-preserving transformations to their own code in order to foil detection systems based on signature matching. T1 - Modelling metamorphism by abstract interpretation
0 kommentar(er)
