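% Conference paper in the proceedings of MALWARE 2015 (10th International
% Conference on Malicious and Unwanted Software).
% The year/month/day fields give 2016-02-18, while the note records the
% conference itself as 20-22 Oct 2015; presumably the former is the
% proceedings publication date (confirm before relying on the year).
% Authors are stored in "Last, First" form so that every style splits the
% names the same way. The citation key is unchanged.
@inproceedings{b72f2485b65a47449f197ecf1be18160,
  author    = {Ghosh, Krishnendu and Morales, Jose Andre and Casey, William and Mishra, Bud},
  title     = {Sandboxing and reasoning on malware infection trees},
  booktitle = {2015 10th International Conference on Malicious and Unwanted Software, {MALWARE} 2015},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  pages     = {69--73},
  year      = {2016},
  month     = feb,
  day       = {18},
  doi       = {10.1109/MALWARE.2015.7413686},
  language  = {English (US)},
  keywords  = {Cognition, Computational modeling, Malware, Markov processes, Model checking, Probabilistic logic},
  abstract  = {Malware infection trees are computational structures for analyzing and identifying different processes and files during the execution of malware. In this paper, we describe a sandboxing-based formalization to predict malware behaviors such as the possibility of file and process creation. Model checking is used as a querying mechanism on a labeled transition system representing a malware infection tree. We evaluate computational feasibility of our formalism using a case study on Backdoor.WIN32.Poison malware and behavior specified by malware infection trees.},
  note      = {10th International Conference on Malicious and Unwanted Software, MALWARE 2015 ; Conference date: 20-10-2015 Through 22-10-2015},
}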