Paper ID: 2211.03068

MAIL: Malware Analysis Intermediate Language

Shahid Alam

This paper introduces and presents a new language named MAIL (Malware Analysis Intermediate Language). MAIL is basically used for building malware analysis and detection tools. MAIL provides an abstract representation of an assembly program and hence the ability of a tool to automate malware analysis and detection. By translating binaries compiled for different platforms to MAIL, a tool can achieve platform independence. Each MAIL statement is annotated with patterns that can be used by a tool to optimize malware analysis and detection.

Submitted: Nov 6, 2022

Topics

Data Detection
Malware Detection
Detection Method
Malware Analysis

Links

arXiv PDF