Semantics-aware malware detection

A malware detector is a system that attempts to determine whether a program has malicious intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to morph malware. Malware detectors that use a pattern-matching approach (such as commercial virus scanners) are susceptible to obfuscations used by hackers. The fundamental deficiency in the pattern-matching approach to malware detection is that it is purely syntactic and ignores the semantics of instructions. In this paper, we present a malware-detection algorithm that addresses this deficiency by incorporating instruction semantics to detect malicious program traits. Experimental evaluation demonstrates that our malware-detection algorithm can detect variants of malware with a relatively low run-time overhead. Moreover our semantics-aware malware detection algorithm is resilient to common obfuscations used by hackers.

• Publication year

  2005

• Venue

  IEEE Symposium on Security and Privacy

• Publication date

  2005-05-08

• Fields of study

  Computer Science

• Identifiers
  DOI 10.1109/SP.2005.20
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• CSI/FBI Computer Crime and Security Survey

  2004cited by this paper
• Detecting kernel-level rootkits through binary analysis

  2004cited by this paper
• Static Disassembly of Obfuscated Binaries

  2004cited by this paper
• The UCLID Decision Procedure

  2004cited by this paper
• Testing malware detectors

  2004cited by this paper
• Reliable identification of bounded-length viruses is NP-complete

  2003cited by this paper
• Obfuscation of executable code to improve resistance to static disassembly

  2003cited by this paper
• Static Analysis of Executables to Detect Malicious Patterns

  2003cited by this paper
• Using programmer-written compiler extensions to catch security holes

  2002cited by this paper
• Automatic formal verification for scheduled VLIW code

  2002cited by this paper
• MOPS: an infrastructure for examining security properties of software

  2002cited by this paper
• Analysis and detection of computer viruses and worms: an annotated bibliography

  2002cited by this paper
• Improving computer security using extended static checking

  2002cited by this paper
• CSI/FBI computer crime and security survey

  2001cited by this paper
• Automatically validating temporal safety properties of interfaces

  2001cited by this paper
• HUNTING FOR METAMORPHIC

  2001cited by this paper
• IRM enforcement of Java stack inspection

  2000cited by this paper
• Bandera: extracting finite-state models from Java source code

  2000cited by this paper
• Attacking Malicious Code: A Report to the Infosec Research Council

  2000cited by this paper
• Automatic formal verification of dsp software

  2000cited by this paper
• An Undetectable Computer Virus

  2000cited by this paper
• Translation validation for an optimizing compiler

  2000cited by this paper
• Verification of control flow based security properties

  1999cited by this paper
• Translation Validation

  1998cited by this paper
• Computer virus-antivirus coevolution

  1997cited by this paper
• Checking for Race Conditions in File Accesses

  1996cited by this paper
• Refereed paper: MCF: a malicious code filter

  1995cited by this paper
• Computer viruses: Theory and experiments

  1987cited by this paper

• SALT4Decompile: Inferring Source-level Abstract Logic Tree for LLM-Based Binary Decompilation

  2025cites this paper
• APT-ClaritySet: A Large-Scale, High-Fidelity Labeled Dataset for APT Malware with Alias Normalization and Graph-Based Deduplication

  2025cites this paper
• SoK: AI Support for Analyst Situation Awareness in Security Operation Centres

  2025cites this paper
• Bridging the Gap between Real-World and Formal Binary Lifting through Filtered-Simulation

  2025cites this paper
• Large Language Model-Based Malware Detection for the Windows Operating System

  2025cites this paper
• A Robust Malware Detection Framework Using Control Flow Graphs, Node2Vec, and GCN Integration

  2025cites this paper
• Beyond Accuracy: Robustness and Explainability in Adversarial Malware Detection

  2025cites this paper
• Hybrid Approach for Zero-Day Malware Detection Using Deep Features and Support Vector Machines

  2025cites this paper
• DeepVMUnProtect: Neural Network-Based Recovery of VM-Protected Android Apps for Semantics-Aware Malware Detection

  2025influential citation
• Deep Learning Models for Malware Family Detection

  2025cites this paper
• On the Robustness of Malware Detectors to Adversarial Samples

  2024cites this paper
• A Wolf in Sheep's Clothing: Practical Black-box Adversarial Attacks for Evading Learning-based Windows Malware Detection in the Wild

  2024cites this paper
• Advancements in Cybersecurity Using Deep Learning Techniques Attack Detection for Trojan Horses

  2024cites this paper
• GENIE: Guarding the npm Ecosystem with Semantic Malware Detection

  2024cites this paper
• Intrusion Detection at Scale with the Assistance of a Command-line Language Model

  2024cites this paper
• MDGraph: A novel malware detection method based on memory dump and graph neural network

  2024cites this paper
• URL Phishing attack Detection using Machine Learning Algorithms

  2024cites this paper
• metaNet: Interpretable unknown mobile malware identification with a novel meta-features mining algorithm

  2024cites this paper
• PARIS: A Practical, Adaptive Trace-Fetching and Real-Time Malicious Behavior Detection System

  2024cites this paper
• Detection of Malware Trojans in Software using Machine Learning

  2024cites this paper
• DeGPT: Optimizing Decompiler Output with LLM

  2024cites this paper
• Advanced Persistent Threats (APT): evolution, anatomy, attribution and countermeasures

  2023cites this paper
• A Survey of Traditional and Machine Learning-based Malware Detection Techniques

  2023cites this paper
• Breaking the structure of MaMaDroid

  2023cites this paper
• Malware Classification using Malware Visualization and Deep Learning

  2023cites this paper
• Malware Finances and Operations: a Data-Driven Study of the Value Chain for Infections and Compromised Access

  2023cites this paper
• SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros

  2022cites this paper
• Register Automata for Malware Specification

  2022cites this paper
• Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications

  2022cites this paper
• ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs

  2022cites this paper
• SMODIC: A Model Checker for Self-modifying Code

  2022cites this paper
• Generic, efficient, and effective deobfuscation and semantic-aware attack detection for PowerShell scripts

  2022cites this paper
• Cybercrimes and defense approaches in vehicular networks

  2022cites this paper
• Unsupervised Learning Approaches for Construction of Malware Families

  2022cites this paper
• Automation Detection of Malware and Stenographical Content using Machine Learning

  2022cites this paper
• A Review on Malware Detection Methods

  2022cites this paper
• EII-MBS: Malware Family Classification via Enhanced Instruction-level Behavior Semantic Learning

  2022cites this paper
• Data-aware process discovery for malware detection: an empirical study

  2022cites this paper
• Dazzle-attack: Anti-Forensic Server-side Attack via Fail-Free Dynamic State Machine

  2022cites this paper
• Flexible Android Malware Detection Model based on Generative Adversarial Networks with Code Tensor

  2022cites this paper
• Combating Adversarial Covert Channels in Wi-Fi Networks

  2022cites this paper
• Behavior-based detection and classification of malicious software utilizing structural characteristics of group sequence graphs

  2022cites this paper
• MDCD: A malware detection approach in cloud using deep learning

  2022cites this paper
• Deep Learning Methods for Malware and Intrusion Detection: A Systematic Literature Review

  2022cites this paper
• Malware: Types, Analysis and Classifications

  2022cites this paper
• Detection and classification of malicious software utilizing Max-Flows between system-call groups

  2022cites this paper
• Empirical Evaluation of Minority Oversampling Techniques in the Context of Android Malware Detection

  2021cites this paper
• Identifying the Author Group of Malwares through Graph Embedding and Human-in-the-Loop Classification

  2021cites this paper
• Vehicle Security: A Survey of Security Issues and Vulnerabilities, Malware Attacks and Defenses

  2021cites this paper
• Obfuscated Malware Detection Using Deep Generative Model based on Global/Local Features

  2021cites this paper
• MALWARE CLASSIFICATION SYSTEM USING WEIGHTLESS NEURAL NETWORKS

  2021cites this paper
• Intelligent malware detection based on graph convolutional network

  2021cites this paper
• When Malware Changed Its Mind: An Empirical Study of Variable Program Behaviors in the Real World

  2021cites this paper
• Hypervisor-assisted dynamic malware analysis

  2021cites this paper
• Malware Incident Prevention and Handling

  2021influential citation
• Malware Detection: Issues and Challenges

  2021cites this paper
• Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability

  2021cites this paper
• MiBeX: Malware-Inserted Benign Datasets for Explainable Machine Learning

  2021cites this paper
• Accurate and Robust Malware Analysis through Similarity of External Calls Dependency Graphs (ECDG)

  2021cites this paper
• Computing with time: microarchitectural weird machines

  2021cites this paper
• Performance Comparison of Android Malware Detection Methods

  2021cites this paper
• Memory and Cache Contention Denial-of-Service Attack in Mobile Edge Devices

  2021cites this paper
• AI-HydRa: Advanced hybrid approach using random forest and deep learning for malware classification

  2021cites this paper
• LSGAN-AT: enhancing malware detector robustness against adversarial examples

  2021cites this paper
• Applying Natural Language Processing for detecting malicious patterns in Android applications

  2021cites this paper
• DroidClone: Attack of the android malware clones - a step towards stopping them

  2021cites this paper
• Learning metamorphic malware signatures from samples

  2021cites this paper
• Feature Selection and Performance Improvement of Malware Detection System using Cuckoo Search Optimization and Rough Sets

  2020cites this paper
• A Human-in-the-Loop Approach to Malware Author Classification

  2020cites this paper
• An Algorithmic Framework for Malicious Software Detection Exploring Structural Characteristics of Behavioral Graphs

  2020cites this paper
• Model checking and machine learning techniques for HummingBad mobile malware detection and mitigation

  2020cites this paper
• SLAM: A Malware Detection Method Based on Sliding Local Attention Mechanism

  2020cites this paper
• Automatically Generating Malware Summary Using Semantic Behavior Graphs (SBGs)

  2020cites this paper
• Representing String Computations as Graphs for Classifying Malware

  2020cites this paper
• Feature Reduction and Optimization of Malware Detection System Using Ant Colony Optimization and Rough Sets

  2020cites this paper
• File Checker: Determining Behavioural Signatures of an Executable Binary to Detect Malware

  2020cites this paper
• On Second-Order Detection of Webcam Spyware

  2020cites this paper
• Classification and Analysis of Security Techniques for the User Terminal Area in the Internet Banking Service

  2020cites this paper
• Experimental Comparison of Features and Classifiers for Android Malware Detection

  2020cites this paper
• A Malware Detection Method Based on Rgb Image

  2020cites this paper
• Identifying parasitic malware as outliers by code clustering

  2020cites this paper
• JSidentify: A Hybrid Framework for Detecting Plagiarism Among JavaScript Code in Online Mini Games

  2020cites this paper
• Applications in Security and Evasions in Machine Learning: A Survey

  2020cites this paper
• Learning URL Embedding for Malicious Website Detection

  2020cites this paper
• DETECTION OF HIDDEN FUNCTIONALITIES OF SMART PHONE MALWARE APP USING PATTERN-MATCHING TECHNIQUES

  2020cites this paper
• Malware Detection with Sequence-Based Machine Learning and Deep Learning

  2020cites this paper
• A Praise for Defensive Programming: Leveraging Uncertainty for Effective Malware Mitigation

  2020cites this paper
• Arch ī um Ateneo Arch um Ateneo

  2020influential citation
• CTL Model Checking of Self Modifying Code

  2020cites this paper
• A Comprehensive Review on Malware Detection Approaches

  2020cites this paper
• Smartphone Based Botnet Detection using Behavioral Analysis

  2020cites this paper
• Malware Detection Based on Term Frequency Analysis of GPRs Features

  2020cites this paper
• Trojan Traffic Detection based on Machine Learning

  2020cites this paper
• API Based Discrimination of Ransomware and Benign Cryptographic Programs

  2020cites this paper
• Proceso para la identificación, clasificación y control del comportamiento de familias Ransomware

  2020cites this paper
• Malware Detection Based on Static and Dynamic Features Analysis

  2020cites this paper
• Intelligent Vision-Based Malware Detection and Classification Using Deep Random Forest Paradigm

  2020cites this paper
• EnsembleHMD: Accurate Hardware Malware Detectors with Specialized Ensemble Classifiers

  2020cites this paper
• A proactive malicious software identification approach for digital forensic examiners

  2019cites this paper
• RATScope: Recording and Reconstructing Missing RAT Attacks for Forensic Analysis with Semantics on Windows

  2019cites this paper