USA flag logo/image

An Official Website of the United States Government

Formal Methods for Malware Detection

Award Information

Department of Defense
Office of the Secretary of Defense
Award ID:
Program Year/Program:
2006 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
Aries Design Automation, LLC
2705 West Byron Street Chicago, IL 60618-3745
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2006
Title: Formal Methods for Malware Detection
Agency / Branch: DOD / OSD
Contract: FA8750-06-C-0159
Award Amount: $100,000.00


Our objective is to develop highly automatic and scalable formal methods for malware detection. Existing tools for malware detection operate by searching for pattern matches with respect to signatures of known malware, and can account for only limited variations in the malware. That makes these detectors generally incapable of identifying newly released malware. Furthermore, due to the short signatures used for most malware, and the inability of these detectors to account for many code obfuscations, i.e., code transformations that preserve the malicious behavior and produce code with a radically different structure, such malware detectors are virtually incapable of identifying most of the obfuscated variants of known malware. In this proposed research we will: 1) investigate formal methods for detection of malicious intent in binary code; 2) develop automatic formal techniques to detect obfuscations that are based on reordering of the memory accesses in known malware; 3) explore formal approaches to account for obfuscations that are based on replacing instructions with different instructions that have equivalent semantics; and 4) develop efficient translations to SAT of the Boolean formulas generated in formal detection of malware in order to enable our malware detection tool to run on commodity PCs with limited memory.

Principal Investigator:

Miroslav N. Velev
President, CEO, CTO

Business Contact:

Miroslav N. Velev
President, CEO, CTO
Small Business Information at Submission:

30 River Court, Suite 2301 Jersey City, NJ 07310

EIN/Tax ID: 202887585
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No