Mila Dalla Preda

Learn More
Malware detection is a crucial aspect of software security. Current malware detectors work by checking for <i>signatures</i>, which attempt to capture the syntactic characteristics of the machine-level byte sequence of the malware. This reliance on a syntactic approach makes current detectors vulnerable to code obfuscations, increasingly used by malware(More)
Proving deadlock freedom for distributed applications is complex. It becomes even harder if those applications dynamically adapt to face needs which were unexpected when the application was deployed or even started. We present a framework ensuring this key property by construction. Our framework includes a language called Adaptive Interaction-Oriented(More)
Code obfuscation and software watermarking are well known techniques designed to prevent the illegal reuse of software. Code obfuscation prevents malicious reverse engineering, while software watermarking protects code from piracy. An interesting class of algorithms for code obfuscation and software watermarking relies on the insertion of opaque predicates.(More)
Abstraction of semantics of blocks of a binary is termed as 'juice.' Whereas the denotational semantics summarizes the computation performed by a block, its juice presents a template of the relationships established by the block. BinJuice is a tool for extracting the 'juice' of a binary. It symbolically interprets individual blocks of a binary to extract(More)
Control code obfuscation is intended to prevent malicious reverse engineering of software by masking the program control flow. These obfuscating transformations often rely on the existence of opaque predicates, that support the design of transformations that break up the program control flow. We prove that an algorithm for control obfuscation by opaque(More)
In recent years code obfuscation has attracted research interest as a promising technique for protecting secret properties of programs. The basic idea of code obfuscation is to transform programs in order to hide their sensitive information while preserving their functionality. One of the major drawbacks of code obfuscation is the lack of a rigorous(More)
Metamorphic malware apply semantics-preserving transformations to their own code in order to foil detection systems based on signature matching. In this paper we consider the problem of automatically extract metamorphic signatures from these malware. We introduce a semantics for self-modifying code, later called phase semantics, and prove its correctness by(More)
Malware detection is a crucial aspect of software security. Malware typically recur to a variety of disguise and concealing techniques in order to avoid detection. Metamorphism is the ability of a program to mutate its form yet keeping unchanged its functionality and therefore its danger in case of malware. A major challenge in this field is the development(More)