UW Comp Sci Header
Useful InformationUW CS PeopleUW CS Graduate ProgramUW CS Undergraduate ProgramResearch at UW CSUseful Resources

Computer Security and Cryptography
Seminar
August 2003 Events

Date &
Location
Event
Friday, Aug. 1, 2003
4 - 5 PM
1325 CS

Mihai Christodorescu (web)

Computer Sciences Department (web)
University of Wisconsin, Madison (web)

Static Analysis of Executables to Detect Malicious Patterns

Malicious code detection is a crucial component of any defense mechanism. In this paper, we present a unique viewpoint on malicious code detection. We regard malicious code detection as an obfuscation-deobfuscation game between malicious code writers and researchers working on malicious code detection. Malicious code writers attempt to obfuscate the malicious code to subvert the malicious code detectors, such as anti-virus software. We tested the resilience of three commercial virus scanners against code obfuscation attacks. The results were surprising: the three commercial virus scanners could be subverted by very simple obfuscation transformations! We present an architecture for detecting malicious patterns in executables that is resilient to common obfuscation transformations. Experimental results demonstrate the efficacy of our prototype tool, SAFE (a static analyzer for executables).

This is a practice talk for USENIX Security'03. Comments and suggestions about the contents, clarity, and style of the presentation are welcome.

 There will be donuts and other treats.

Monday, Aug. 11, 2003
4 - 5 PM
2310 CS

Frontline, PBS Video, "Cyber War!"

We will be playing the video documentary "Cyber War!" from the Frontline series on PBS. The video will be followed by an open discussion.

The capsule summary is:

"A new form of warfare has broken out and the battleground is cyberspace. With weapons like embedded malicious code, probes and pings, there are surgical strikes, reverse neutron bombs, and the potential for assaults aimed directly at America's infrastructure - the power grid, water supply, and the air traffic control system."

< Back to the Sec & Crypto seminar schedule

Computer Sciences Department, University of Wisconsin - Madison
5355a Computer Sciences and Statistics | 1210 West Dayton Street, Madison, WI 53706
cs@cs.wisc.edu / voice: 608-262-1204 / fax: 608-262-9777