Malware are more and more difficult to analyze, using conventional static and dynamic analysis tools, because they use commercially off-the-shelf specialized tools to protect their code. We present in this paper the b...
详细信息
ISBN:
(纸本)9781479925049
Malware are more and more difficult to analyze, using conventional static and dynamic analysis tools, because they use commercially off-the-shelf specialized tools to protect their code. We present in this paper the bases of a multi-targets, generic and automaticbinaryrewritingtool adapted to the analysis of protected and potentially hostile binary programs. It implements an emulator and several specialized analysis functions to firstly observe the target program and its execution environment, and next extract and simplify its representation. This simplification is done through the use of a new and generic method of information extraction and deobfuscation.
暂无评论