Malware is emerging day by day.To evade detection,many malware obfuscation techniques have emerged.Dynamicmalware detectionmethods based on data flow graphs have attracted much attention since they can deal with the o...Malware is emerging day by day.To evade detection,many malware obfuscation techniques have emerged.Dynamicmalware detectionmethods based on data flow graphs have attracted much attention since they can deal with the obfuscation problem to a certain extent.Many malware classification methods based on data flow graphs have been proposed.Some of them are based on userdefined features or graph similarity of data flow graphs.Graph neural networks have also recently been used to implement malware classification recently.This paper provides an overview of current data flow graph-based malware classification methods.Their respective advantages and disadvantages are summarized as well.In addition,the future trend of the data flow graph-based malware classification method is analyzed,which is of great significance for promoting the development of malware detection technology.展开更多
In order to guarantee the correctness of business processes, not only control-flow errors but also data-flow errors should be considered. The control-flow errors mainly focus on deadlock, livelock, soundness, and so o...In order to guarantee the correctness of business processes, not only control-flow errors but also data-flow errors should be considered. The control-flow errors mainly focus on deadlock, livelock, soundness, and so on. However, there are not too many methods for detecting data-flow errors. This paper defines Petri nets with data operations(PN-DO) that can model the operations on data such as read, write and delete. Based on PN-DO, we define some data-flow errors in this paper. We construct a reachability graph with data operations for each PN-DO, and then propose a method to reduce the reachability graph. Based on the reduced reachability graph, data-flow errors can be detected rapidly. A case study is given to illustrate the effectiveness of our methods.展开更多
文摘Malware is emerging day by day.To evade detection,many malware obfuscation techniques have emerged.Dynamicmalware detectionmethods based on data flow graphs have attracted much attention since they can deal with the obfuscation problem to a certain extent.Many malware classification methods based on data flow graphs have been proposed.Some of them are based on userdefined features or graph similarity of data flow graphs.Graph neural networks have also recently been used to implement malware classification recently.This paper provides an overview of current data flow graph-based malware classification methods.Their respective advantages and disadvantages are summarized as well.In addition,the future trend of the data flow graph-based malware classification method is analyzed,which is of great significance for promoting the development of malware detection technology.
基金supported in part by the National Key R&D Program of China(2017YFB1001804)Shanghai Science and Technology Innovation Action Plan Project(16511100900)
文摘In order to guarantee the correctness of business processes, not only control-flow errors but also data-flow errors should be considered. The control-flow errors mainly focus on deadlock, livelock, soundness, and so on. However, there are not too many methods for detecting data-flow errors. This paper defines Petri nets with data operations(PN-DO) that can model the operations on data such as read, write and delete. Based on PN-DO, we define some data-flow errors in this paper. We construct a reachability graph with data operations for each PN-DO, and then propose a method to reduce the reachability graph. Based on the reduced reachability graph, data-flow errors can be detected rapidly. A case study is given to illustrate the effectiveness of our methods.