 |
|
|
|
| HAL : inria-00433472, version 1 |
| Fiche détaillée |  Récupérer au format |
|
|
| 7th IEEE International Conference on Software Engineering and Formal Methods - SEFM 2009, Hanoi : Viet Nam (2009) |
|
|
|
|
| A computability perspective on self-modifying programs |
|
|
| Guillaume Bonfante 1Jean-Yves Marion 1 |
|
|
| (27/11/2009) |
|
|
|
| In order to increase their stealth, malware com- monly use the self-modification property of programs. By doing so, programs can hide their real code so that it is difficult to define a signature for it. But then, what is the meaning of those programs: the obfuscated form, or the hidden one? Furthermore, from a computability perspective, it becomes hard to speak about the program since, its own code varies over time. To cope with these issues, we provide an operational semantics for self-modifying programs and we show that they can be constructively rewritten to a non-modifying program. |
|
|
|
|
|
|
|
|
|
|
|
| 1 : | CARTE (INRIA Lorraine - LORIA) |
|
|
|
CNRS : UMR7503 – INRIA – Université Henri Poincaré - Nancy I – Université Nancy II – Institut National Polytechnique de Lorraine |
|
|
|
|
|
|
|
|
|
| Domaine | : | Informatique/Cryptographie et sécurité |
|
|
| Self-modifying code – semantics – computability – virus – obfuscation |
|
|
|
| Liste des fichiers attachés à ce document : | |||||
|
|||||
|
|
|
| inria-00433472, version 1 | |
| http://hal.archives-ouvertes.fr/inria-00433472/fr/ | |
| oai:hal.archives-ouvertes.fr:inria-00433472_v1 | |
| Contributeur : Guillaume Bonfante | |
| Soumis le : Jeudi 19 Novembre 2009, 14:39:28 | |
| Dernière modification le : Vendredi 20 Novembre 2009, 09:31:26 | |
