laboratoire IBISC, bat. IBGBI, 23 bd de France, Evry. Salle de réunion 3ème étage: comment y aller
Il est possible de garer sa voiture dans le parking souterrain en appelant la loge à partir de la borne d'entrée
14h00-15h00: Charles Paperman (IRIF), "Streaming and Circuit Complexity"
Abstract : In this talk, I will present a connection between the streaming complexity and the circuit complexity of regular languages through a notion of streaming by block. This result provides tight constructions of boolean circuits computing an automaton, thanks to some classical and recent results on the circuit complexity of regular languages.
15h00-15h30 : Khanh-Huu-The Dam (LIPN), "Automatic Extraction of Malicious Behaviors"
Abstract : The number of new malwares is increasing everyday. Thus malware detection is nowadays a big challenge. The existing techniques for malware detection require a huge effort of engineering to manually extract the malicious behaviors. To avoid this tedious task, we propose in this paper an approach to automatically extract the malicious behaviors. We model a program using an API call graph, and we represent the malicious behaviors using a malicious API graph. We then reduce the malicious behavior extraction problem to the problem of retrieving from the benign and malicious API call graphs the set of subgraphs that are relevant for malicious behaviors. We solve this issue by applying and adapting well-known efficient Information Retrieval techniques based on the TFIDF scheme. We use our automatically extracted malicious behavior specification for malware detection using a kind of product between graphs. We obtained interesting experimental results, as we get 99.04% of detection rate. Moreover, we were able to detect several malwares that well-known and widely used antiviruses such as Panda, Avira, Kaspersky, Avast, Qihoo- 360, McAfee, AVG, BitDefender, ESET-NOD32, F-Secure, and Symantec could not detect. This is a joint work with Tayssir Touili.
15h30-16h00: pause café
16h00-16h30: vie du groupe