Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WCRE
2009
IEEE
2009
IEEE
Automatic Static Unpacking of Malware Binaries
—Current malware is often transmitted in packed or encrypted form to prevent examination by anti-virus software. To analyze new malware, researchers typically resort to dynamic code analysis techniques to unpack the code for examination. Unfortunately, these dynamic techniques are susceptible to a variety of anti-monitoring defenses, as well as “time bombs” or “logic bombs,” and can be slow and tedious to identify and disable. This paper discusses an alternative approach that relies on static analysis techniques to automate this process. Alias analysis can be used to identify the existence of unpacking, static slicing can identify the unpacking code, and control flow analysis can be used to identify and neutralize dynamic defenses. The identified unpacking code can be instrumented and transformed, then executed to perform the unpacking. We present a working prototype that can handle a variety of malware binaries, packed with both custom and commercial packers, and containin...
Real-time Traffic| Added | 21 May 2010 |
| Updated | 21 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | WCRE |
| Authors | Kevin Coogan, Saumya K. Debray, Tasneem Kaochar, Gregg M. Townsend |
Comments (0)
Researcher Info
|
