Abstract

Self modifying code is code that can modify its own instructions during the execution of the program. It is extensively used by malware writers to obfuscate their malicious code. Thus, analysing self modifying code is nowadays a big challenge. In this paper, we consider the LTL model-checking problem of self modifying code. We model such programs using self-modifying pushdown systems, an extension of pushdown systems that can modify its own set of transitions during execution. We reduce the LTL model-checking problem to the emptiness problem of self-modifying Büchi pushdown systems. We implemented our techniques in a tool that we successfully applied for the detection of several self-modifying malware. Our tool was also able to detect several malwares that well-known antiviruses such as BitDefender, Kinsoft, Avira, eScan, Kaspersky, Qihoo-360, Baidu, Avast, and Symantec failed to detect.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
LTL Model Checking of Self Modifying Code
Xin Ye ... Tayssir Touili
-
Xin Ye, et. al.Xin Ye ... Tayssir Touili
01 Nov 2019
Model checking LTL with regular valuations for pushdown systems
Stefan Schwoon ... Antonı́N Kučera
Information and Computation | VOL. 186
Stefan Schwoon, et. al.Stefan Schwoon ... Antonı́N Kučera
02 Jul 2003
Symbolic Backwards-Reachability Analysis for Higher-Order Pushdown Systems
Matthew Hague ... C -H Luke Ong
-
Matthew Hague, et. al.Matthew Hague ... C -H Luke Ong
01 Jan 2007
CTL Model Checking of Self Modifying Code
Tayssir Touili ... Xin Ye
-
Tayssir Touili, et. al.Tayssir Touili ... Xin Ye
01 Oct 2020
View more papers

More From: Formal Methods in System Design

Paper Title
Journal
Date
Author
Divider verification using symbolic computer algebra and delayed don’t care optimization: theory and practical implementation
Alexander Konrad ... Rolf Drechsler
Formal Methods in System Design | VOL. -
Alexander Konrad, et. al.Alexander Konrad ... Rolf Drechsler
24 May 2024
Information-flow interfaces
Ezio Bartocci ... Ana Oliveira Da Costa
Formal Methods in System Design | VOL. -
Ezio Bartocci, et. al.Ezio Bartocci ... Ana Oliveira Da Costa
23 May 2024
Dynamic dependability analysis of shuffle-exchange networks
Yassmeen Elderhalli ... Sofiène Tahar
Formal Methods in System Design | VOL. -
Yassmeen Elderhalli, et. al.Yassmeen Elderhalli ... Sofiène Tahar
15 May 2024
Mining of extended signal temporal logic specifications with ParetoLib 2.0
Akshay Mambakam ... Thao Dang
Formal Methods in System Design | VOL. -
Akshay Mambakam, et. al.Akshay Mambakam ... Thao Dang
06 May 2024
View more papers