Solved

lexical analysis and malware

Posted on 2009-03-31
2
486 Views
Last Modified: 2013-11-22
Hello,

How can malware detection techniques can be related to lexical analysis ?

Thanks in advance for any info !
0
Comment
Question by:unknown_
2 Comments
 
LVL 6

Accepted Solution

by:
IKZ earned 500 total points
ID: 24034911
Well just like every lexeme has a token associated with it to characterize it, so does a virus have a signature and it's "token" is a spot in the virus definition dictionary.  Signature based detection is the most common method that antivirus software uses to identify malware. This method is somewhat limited by the fact that it can only identify a limited amount of emerging threats, e.g. generic, or extremely broad, signatures.

For instance:
Lexeme: =    Token:  ASSIGN_OP
Lexeme: 5    Token:  NUMBER

Virus:  8 random character .dll file in system32 folder   Definition:  Vundo or Virtumonde

To the same effect, Tokenization is similar to the detection of viruses.
The first stage of lexical analysis is called the Scanner (just like in virus detection- it scans for certain things, like 8 random character .dll files in system32 folder like we talked about above.  Then the second stage in LA is called the evaluator.  Antivirus scanners do the same thing-- it finds data, usually broad, general or generic things, then evaluates or analyzes them and assigns them a value (virus or not).

Does this help at all?
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The 21st century solution to antiquated pagers.
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question