Skip to main content
European Commission logo
polski polski
CORDIS - Wyniki badań wspieranych przez UE
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary
Zawartość zarchiwizowana w dniu 2024-06-18

MALCODE: Malicious Code Detection using Emulation

Cel

After many years of security research and engineering, code injection attacks remain one of the most common methods for malware propagation, exposing significant limitations in current state-of-the-art attack detection systems. For instance, the recent massive outbreak of the Conficker worm in the beginning of 2009 resulted to more than 10 million infected machines worldwide. Malicious web sites also launch code injection attacks against unsuspecting visitors by exploiting vulnerabilities in popular web browsers, document viewers, media players, and other client applications. The increasing professionalism of cyber criminals and the constant rise in the number of malware variants and malicious websites make the need for effective malicious code detection more critical than ever. Once sophisticated tricks of only the most skilled virus authors, advanced evasion techniques like code obfuscation and polymorphism are now the norm in most malware variants and code injection attacks. As the number of new vulnerabilities and malware variants grows at a frenetic pace, detection approaches based on threat signatures, which are employed by most virus scanners and intrusion detection systems, cannot cope with the vast number of new malicious code variants. In the proposed project, we plan to design, develop, and evaluate novel malicious code detection algorithms based on code emulation. Working at the lowest level---the actual instructions that get executed---dynamic analysis using emulation unveils the actual malicious code without being affected by evasion techniques like encryption, polymorphism, or code obfuscation. Focusing on the behavior and not the structure of the code, we aim to identify common functionality and actions that are inherent to different types of malicious code, and use them for the development of new malicious code detection heuristics.

Zaproszenie do składania wniosków

FP7-PEOPLE-2009-IOF
Zobacz inne projekty w ramach tego zaproszenia

Koordynator

IDRYMA TECHNOLOGIAS KAI EREVNAS
Wkład UE
€ 230 952,10
Adres
N PLASTIRA STR 100
70013 Irakleio
Grecja

Zobacz na mapie

Region
Νησιά Αιγαίου Κρήτη Ηράκλειο
Rodzaj działalności
Research Organisations
Kontakt administracyjny
Evangelos Markatos (Prof.)
Linki
Koszt całkowity
Brak danych