Name
Abstract | ||
|---|---|---|
We give an overview of the tools to detect computer viruses without relying on "pattern files" that contain "signatures" of previously captured viruses. The system combines static code analysis with code simulation to identify malicious behaviors commonly found in computer viruses such as mass mailing, file infection, and registry overwrite. These prohibited behaviors are defined separately as security policies at the level of API library function calls in a state-transition like manner. The current tools target at Win32 binary viruses on Intel IA32 architectures and early experiments show that they can detect most email viruses that had spread in the wild in recent years. |
Year | DOI | Venue |
|---|---|---|
2003 | 10.1007/978-3-540-37621-7_12 | Lecture Notes in Computer Science |
Keywords | Field | DocType |
computer viruses,state transition,security policy | Static program analysis,Simulation,Computer science,Computer virus,Computer network,Security policy,Binary number | Conference |
Volume | ISSN | Citations |
3233 | 0302-9743 | 3 |
PageRank | References | Authors |
0.47 | 3 | 1 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Akira Mori | 1 | 8 | 2.60 |