Targeting malware discrimination based on reversed association task

Publication Type:
Journal Article
Citation:
Concurrency Computation, 2018
Issue Date:
2018-01-01
Filename Description Size
20180921_CCPE_Targeting_malware_final.pdfAccepted Manuscript Version817.25 kB
Adobe PDF
Full metadata record
©2018 John Wiley & Sons, Ltd. Regarding the current situation that the recognition rate of malware is decreasing, the article points out that the reason for this dilemma is that more and more targeting malware have emerged, which share little or no common feature with traditional malware. The premise of malware recognition judging whether a software is malicious or benign is actually a decision problem. We propose that malware discrimination should resort to the corresponding task or purpose. We first present a formal definition of a task and then provide further classifications of malicious tasks. Based on the decidable theory, we prove that task performed by any software is recursive and determinable. By establishing a mapping from software to task, we prove that software is many-to-one reducible to corresponding tasks. Thus, we demonstrate that software, including malware, is also recursive and can be determined by the corresponding tasks. Finally, we present the discrimination process of our method. Nine real malwares are presented, which were firstly discriminated by our method but at that time could not be identified by Kaspersky, McAfee, Symantec Norton, or Kingsoft Antivirus.
Please use this identifier to cite or link to this item: