Using optimization algorithms for malware deobfuscation (CROSBI ID 367917)
Thesis | master's thesis
Responsibility information
Spasojević, Branko
Golub, Marin
Golub, Marin
English
Using optimization algorithms for malware deobfuscation
Analysis of malware binaries is constantly becoming more difficult with the introduction of many different types of code obfuscators. One common theme in all obfuscators is the transformation of code into a complex representation. This process can be viewed as the inverse of compiler optimization techniques and, as such, its effects can be partially removed using optimization algorithms. This paper presents common obfuscation techniques and a process for adapting optimization algorithms to remove obfuscations. Additionally, a plug-in for the IDA Pro disassembler is presented that demonstrates the usability of the proposed optimization process, as well as a set of techniques to speed up the process of analyzing obfuscated code.
deobfuscation; optimization; assembly; malware; binary; compiler
Publication details
34
06.07.2010.
defended
Degree-granting institution
Fakultet elektrotehnike i računarstva
Zagreb