To be an honest question poster I do not yet fully grasp the difference between small step and big step semantics. There was a good discussion here
My question is if I were to do static analysis on a file to determine if it is malware, what would be better to use: small step or big step semantics?
To take this a step further if I am doing dynamic analysis which would be best: small step or big step semantics?
Preferably a simple example as to why would be much appreciated.
