Skip to main content
European Commission logo
italiano italiano
CORDIS - Risultati della ricerca dell’UE
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary
Contenuto archiviato il 2024-06-18

MALCODE: Malicious Code Detection using Emulation

Obiettivo

After many years of security research and engineering, code injection attacks remain one of the most common methods for malware propagation, exposing significant limitations in current state-of-the-art attack detection systems. For instance, the recent massive outbreak of the Conficker worm in the beginning of 2009 resulted to more than 10 million infected machines worldwide. Malicious web sites also launch code injection attacks against unsuspecting visitors by exploiting vulnerabilities in popular web browsers, document viewers, media players, and other client applications. The increasing professionalism of cyber criminals and the constant rise in the number of malware variants and malicious websites make the need for effective malicious code detection more critical than ever. Once sophisticated tricks of only the most skilled virus authors, advanced evasion techniques like code obfuscation and polymorphism are now the norm in most malware variants and code injection attacks. As the number of new vulnerabilities and malware variants grows at a frenetic pace, detection approaches based on threat signatures, which are employed by most virus scanners and intrusion detection systems, cannot cope with the vast number of new malicious code variants. In the proposed project, we plan to design, develop, and evaluate novel malicious code detection algorithms based on code emulation. Working at the lowest level---the actual instructions that get executed---dynamic analysis using emulation unveils the actual malicious code without being affected by evasion techniques like encryption, polymorphism, or code obfuscation. Focusing on the behavior and not the structure of the code, we aim to identify common functionality and actions that are inherent to different types of malicious code, and use them for the development of new malicious code detection heuristics.

Invito a presentare proposte

FP7-PEOPLE-2009-IOF
Vedi altri progetti per questo bando

Coordinatore

IDRYMA TECHNOLOGIAS KAI EREVNAS
Contributo UE
€ 230 952,10
Indirizzo
N PLASTIRA STR 100
70013 Irakleio
Grecia

Mostra sulla mappa

Regione
Νησιά Αιγαίου Κρήτη Ηράκλειο
Tipo di attività
Research Organisations
Contatto amministrativo
Evangelos Markatos (Prof.)
Collegamenti
Costo totale
Nessun dato