2013 Fiscal Year Final Research Report
A Method for Analyzing Evolution of Computer Viruses
| Project/Area Number |
24650032
|
|---|
| Research Category |
Grant-in-Aid for Challenging Exploratory Research
|
| Allocation Type | Single-year Grants |
|---|
| Research Field |
Computer system/Network
|
|---|
| Research Institution | National Institute of Advanced Industrial Science and Technology |
|---|
Principal Investigator |
MORI Akira 独立行政法人産業技術総合研究所, 知能システム研究部門, 研究グループ長 (30311682)
|
|---|
| Project Period (FY) |
2012-04-01 – 2014-03-31
|
| Keywords | ネットワークセキュリティ技術 / コンピューターウィルス / 進化予測 / バイナリーコード解析 |
|---|
| Research Abstract |
We have developed an automated method for analyzing evolution processes of computer viruses. We successfully reconstructed phylogenetic trees for real-world computer virus samples by comparing control flow graphs obtained by binary code analysis of executable programs. We also examined how frequent attack patterns of computer viruses appear along estimated evolution processes. In doing so, we developed a new method for identifying and analyzing context dependent shared code segments, such as functions and procedures, in binary executables without assuming the use of high-level programming languages.
|
