Malware classification and composition analysis: A survey of recent developments
Malware detection and classification are becoming more and more challenging, given the
complexity of malware design and the recent advancement of communication and …
From hack to elaborate technique—a survey on binary rewriting
M Wenzl, G Merzdovnik, J Ullrich… - ACM Computing Surveys …, 2019 - dl.acm.org
Binary rewriting is changing the semantics of a program without having the source code at
hand. It is used for diverse purposes, such as emulation (e.g., QEMU), optimization (e.g. …
Limits of static analysis for malware detection
Malicious code is an increasingly important problem that threatens the security of computer
systems. The traditional line of defense against malware is composed of malware detectors …
Obfuscation of executable code to improve resistance to static disassembly
C Linn, S Debray - Proceedings of the 10th ACM conference on …, 2003 - dl.acm.org
A great deal of software is distributed in the form of executable code. The ability to reverse
engineer such executables can create opportunities for theft of intellectual property via …
Efficient, transparent, and comprehensive runtime code manipulation
D Bruening, S Amarasinghe - 2004 - burningcutlery.com
This thesis addresses the challenges of building a software system for general-purpose
runtime code manipulation. Modern applications, with dynamically-loaded modules and …
Hybrid analysis and control of malware
Malware attacks necessitate extensive forensic analysis efforts that are manual-labor
intensive because of the analysis-resistance techniques that malware authors employ. The …
Static disassembly of obfuscated binaries
C Kruegel, W Robertson, F Valeur… - USENIX security …, 2004 - usenix.org
Disassembly is the process of recovering a symbolic representation of a program's machine
code instructions from its binary representation. Recently, a number of techniques have …
Whole program path-based dynamic impact analysis
J Law, G Rothermel - 25th International Conference on …, 2003 - ieeexplore.ieee.org
Impact analysis, determining when a change in one part of a program affects other parts of
the program, is time-consuming and problematic. Impact analysis is rarely used to predict …
A Binary Rewriting Defense Against Stack based Buffer Overflow Attacks.
M Prasad, T Chiueh - USENIX Annual Technical Conference, General …, 2003 - usenix.org
Buffer overflow attack is the most common and arguably the most dangerous attack method
used in Internet security breach incidents reported in the public literature. Various solutions …
Very fast containment of scanning worms, revisited
Computer worms—malicious, self-propagating programs—represent a significant threat to
large networks. One possible defense, containment, seeks to limit a worm's spread by …