Sciweavers

USS
2004

Static Disassembly of Obfuscated Binaries

Disassembly is the process of recovering a symbolic representation of a program's machine code instructions from its binary representation. Recently, a number of techniques have been proposed that attempt to foil the disassembly process. These techniques are very effective against state-of-the-art disassemblers, preventing a substantial fraction of a binary program from being disassembled correctly. This could allow an attacker to hide malicious code from static analysis tools that depend on correct disassembler output (such as virus scanners). The paper presents novel binary analysis techniques that substantially improve the success of the disassembly process when confronted with obfuscated binaries. Based on control flow graph information and statistical methods, a large fraction of the program's instructions can be correctly identified. An evaluation of the accuracy and the performance of our tool is provided, along with a comparison to several state-of-the-art disassembl...
Added: 31 Oct 2010
Updated: 31 Oct 2010
Type: Conference
Year: 2004
Where: USS
Authors: Christopher Krügel, William K. Robertson, Fredrik Valeur, Giovanni Vigna