

Antivirus; Virus scanner

Related Concepts

Dynamic Analysis; Intrusion Detection; Static Analysis


Malware is malicious software that was intentionally developed to infiltrate or damage a computer system without consent of the owner. This includes, among others, viruses, worms, and Trojan horses. Malware detection refers to the process of detecting the presence of malware on a host system or of distinguishing whether a specific program is malicious or benign.


Malware is one of the most serious security threats and spreads autonomously through vulnerabilities or carelessness of users. In order to protect a computer from infection or remove malware from a compromised computer system, it is essential to accurately detect malware. As a consequence of Rice’s Theorem (and shown by Cohen for the case of computer viruses [1]), determining whether a given program contains malicious functionality is generally undecidable. Thus, malware detection focuses on practical...


Recommended Reading

  1. Cohen F (1987) Computer viruses: theory and experiments. Comput Secur 6(1):22–35
  2. Ször P, Ferrie P (2001) Hunting for metamorphic. In: Proceedings of 2001 Virus Bulletin Conference, Virus Bulletin, pp 123–144
  3. Christodorescu M, Jha S, Maughan D, Song, Wang C (eds) Advances in information security. Malware detection, vol 27. Springer, New York, p 311
  4. Ször P (2005) The art of computer virus research and defense. Addison Wesley, Upper Saddle River, p 713
  5. Christodorescu M, Jha S, Kinder J, Katzenbeisser S, Veith H (2007) Software transformations to improve malware detection. J Comput Virol 3(4):253–265
  6. Lakhotia A, Mohammed M (2004) Imposing order on program statements to assist anti-virus scanners. In: 11th Working Conference on Reverse Engineering Proceedings (WCRE 2004), Delft, 8–12 November 2004. IEEE Computer Society Press, Los Alamitos, pp 161–170
  7. Preda MD, Christodorescu M, Jha S, Debray SK (2007) A semantics based approach to malware detection. In: Conference record of POPL 2007: the 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, French Riviera, 17–19 January 2007. ACM Press, New York, pp 377–388
  8. Kinder J, Katzenbeisser S, Schallhart C, Veith H (2010) Proactive detection of computer worms using model checking. IEEE Trans Depend Secure Comput 7(4):424–438
  9. Kolbitsch C, Comparetti PM, Kruegel C, Kirda E, Zhou X, Wang X (2009) Effective and efficient malware detection at the end host. In: Proceedings of the 18th Usenix Security Symposium (USENIX’09), Montreal, 10–14 August 2009. USENIX Association, Berkeley
  10. Holz T, Freiling F, Willems C (2007) Toward automated dynamic malware analysis using CWSandbox. In: SP’07: Proceedings of the 2007 IEEE Symposium on Security and Privacy, Berkeley, 20–23 May 2007. IEEE Computer Society Press, Los Alamitos, pp 32–39
  11. Natvig K (2002) Sandbox II: Internet. In: Proceedings of 2002 Virus Bulletin Conference, Virus Bulletin
  12. Bayer U, Moser A, Krügel C, Kirda E (2006) Dynamic analysis of malicious code. J Comput Virol 2(1):67–77
  13. Moser A, Kruegel C, Kirda E (2007) Exploring multiple execution paths for malware analysis. In: SP’07: Proceedings of the 2007 IEEE Symposium on Security and Privacy, Berkeley, 20–23 May 2007. IEEE Computer Society Press, Los Alamitos, pp 231–245

Copyright information

© 2011 Springer Science+Business Media, LLC

Cite this entry

Katzenbeisser, S., Kinder, J., Veith, H. (2011). Malware Detection. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA.
