Binary-code obfuscations in prevalent packer tools
The first steps in analyzing defensive malware are understanding what obfuscations are
present in real-world malware binaries, how these obfuscations hinder analysis, and how …
From hack to elaborate technique—a survey on binary rewriting
M Wenzl, G Merzdovnik, J Ullrich… - ACM Computing Surveys …, 2019 - dl.acm.org
Binary rewriting is changing the semantics of a program without having the source code at
hand. It is used for diverse purposes, such as emulation (e.g., QEMU), optimization (e.g. …
Java quality assurance by detecting code smells
E Van Emden, L Moonen - Ninth Working Conference on …, 2002 - ieeexplore.ieee.org
Software inspection is a known technique for improving software quality. It involves carefully
examining the code, the design, and the documentation of software and checking these for …
Analyzing memory accesses in x86 executables
G Balakrishnan, T Reps - International conference on compiler …, 2004 - Springer
This paper concerns static-analysis algorithms for analyzing x86 executables. The aim of the
work is to recover intermediate representations that are similar to those that can be created …
Static disassembly of obfuscated binaries
C Kruegel, W Robertson, F Valeur… - USENIX security …, 2004 - usenix.org
Disassembly is the process of recovering a symbolic representation of a program's machine
code instructions from its binary representation. Recently, a number of techniques have …
WYSINWYX: What you see is not what you execute
G Balakrishnan, T Reps - ACM Transactions on Programming …, 2010 - dl.acm.org
Over the last seven years, we have developed static-analysis methods to recover a good
approximation to the variables and dynamically allocated memory objects of a stripped …
[PDF] Static detection of malicious code in executable programs
J Bergeron, M Debbabi, J Desharnais, MM Erhioui… - Int. J. of Req …, 2001 - academia.edu
In this paper, we propose a new approach for the static detection of malicious code in
executable programs. Our approach rests on a semantic analysis based on behaviour that …
Assessment and analysis of software security flaws in virtual machines
CJ Wysopal, MP Moynahan, JR Stevenson - US Patent 8,613,080, 2013 - Google Patents
Security analysis and vulnerability testing results are “packaged” or “bound to” the actual
software it describes. By linking the results to the software itself, downstream users of the …
Jucify: A step towards android code unification for enhanced static analysis
Native code is now commonplace within Android app packages where it co-exists and
interacts with Dex bytecode through the Java Native Interface to deliver rich app …
[Book] Malicious cryptography: Exposing cryptovirology
A Young, M Yung - 2004 - books.google.com
Hackers have uncovered the dark side of cryptography—that device developed to defeat
Trojan horses, viruses, password theft, and other cyber-crime. It's called cryptovirology, the …