公开(公告)号：US20180068121A1

公开(公告)日：2018-03-08

申请号：US15255452

申请日：2016-09-02

Applicant: BAE SYSTEMS Information and Electronic Systems Integration Inc.

Inventor： Robert S. Gray ,  Vu T. Le ,  Robert B. Ross ,  Gregory S. Sadosuk ,  Michael J. Weber

IPC: G06F21/56 ,  G06F11/36 ,  G06F9/45

CPC classification number: G06F21/563 ,  G06F8/53 ,  G06F8/74 ,  G06F11/3636 ,  G06F2221/033

Abstract: A Taint Modeling Function (TMF) finds abstract patterns and uses them to automate the malware detection process. TMF involves the process of statically analyzing a sequence of assembly language instructions and abstracting complex relationships among instruction inputs and outputs into a mathematical function containing a set of algebraic expressions. The set of expressions support fully automating semantic pattern detection in binary code. It deterministically generates outputs given inputs determining code block outputs, for given inputs, without executing the code. It detects code patterns automatically to spot bad coding patterns directly from the binary used to detect bugs statically in the entire application space.