Automatic generation of vaccines for malware immunization

Zhaoyan Xu, Jialong Zhang, Guofei Gu, Zhiqiang Lin
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
Inspired by the biological vaccines, we explore the possibility of developing similar vaccines for malware immunization. We provide the first systematic study towards this direction and present a prototype system, AGAMI, for automatic generation of vaccines for malware immunization. With a novel use of several dynamic malware analysis techniques, we show that it is possible to extract a lightweight vaccine from current malware, and after injecting such vaccine on clean machines, they can be
more » ... es, they can be immune from future infection from the same malware family. We evaluate AGAMI on a large set of real-world malware samples and successfully extract working vaccines for many families such as Conficker and Zeus. We believe it is an appealing complementary technique to existing malware defense solutions.
doi:10.1145/2382196.2382317 dblp:conf/ccs/XuZGL12 fatcat:evihnfpd2jas5ot73qtdr45ina