[langsec-discuss] Studying malware in terms of LangSec

Sashank Dara krishna.sashank at gmail.com
Wed Nov 26 09:09:25 UTC 2014


But what are the theoretical roots ?
Can we model the variations in the code that exhibit the same behavior ?

(Am not able to articulate it more formally , let me give a try)
Say how to model two different strings of same language exhibiting same
behavior ?

Can we model run time behavior of  a program in Computation theory at all ?


Regards,
Sashank
http://lnkd.in/88sgfr

On Tue, Nov 25, 2014 at 7:24 PM, Andrew <munin at mimisbrunnr.net> wrote:

> There are tools like this that might help some:
> https://symdiff.codeplex.com/
>
> On 11/25/2014 08:34 AM, Sashank Dara wrote:
> > Hi ,
> >
> > Am curious if we can study sophisticated metamorphic and polymorphic
> > malwares of current day in terms of langsec ?
> >
> > Classic File hashes like MD5,  SHA etc are no longer helping in
> > identifying malware programs that are mutating . So current research is
> > around using control flow graphs or structural properties or feature
> > vectors in order to identify malware files belonging to similar family.
> >
> > how can we identify two (or more) programs that produce same malicious
> > affect , say using theory of computer science and lang sec principles
> >
> > Regards,
> > Sashank
> > http://lnkd.in/88sgfr
> >
> >
> > _______________________________________________
> > langsec-discuss mailing list
> > langsec-discuss at mail.langsec.org
> > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
> >
> _______________________________________________
> langsec-discuss mailing list
> langsec-discuss at mail.langsec.org
> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20141126/3e16b113/attachment.html>


More information about the langsec-discuss mailing list