White Papers

Impeding Malware Analysis Using Conditional Code Obfuscation

Overview Malware programs that incorporate trigger-based behavior initiate malicious activities based on conditions satisfied only by specific inputs. State-of-the-art malware analyzers discover code guarded by triggers via multiple path exploration, symbolic execution, or forced conditional execution, all without knowing the trigger inputs. This paper presents a malware obfuscation technique that automatically conceals specific trigger-based behavior from these malware analyzers. Their technique automatically transforms a program by encrypting code that is conditionally dependent on an input value with a key derived from the input and then removing the key from the program. They have implemented a compiler-level tool that takes a malware source program and automatically generates an obfuscated binary.

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher: Georgia Institute of Technology
File Format: PDF
Date Published: Jun 20, 2009
Format: White Papers
Topics: Spyware, Network Security

Similiar White Papers

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and

Publisher: MessageLabs, now part of Symantec | Tags: enterprise security, social networking

Sophos Endpoint Security and Control - Free 30 Day Trial

Cross-platform security and control for your desktops, laptops, file servers and mobile devices. Sophos delivers complet

Publisher: Sophos | Tags: adware, mobile devices, spyware, voip

Antivirus Software and Disk Defragmentation

Want to speed up your antivirus scans? After years of anecdotal data from Diskeeper customers about the reduction in vir

Publisher: Diskeeper | Tags: antivirus, data, software

Sophos Web Security and Control - Free 30 Day Trial

Block spyware, viruses, phishing, malware, anonymizing proxies and other unwanted applications at the gateway and enable

Publisher: Sophos | Tags: applications, malware, phishing, spyware

TTAnalyze: A Tool for Analyzing Malware

Malware analysis is the process of determining the purpose and functionality of a given malware sample (such as a virus,

Publisher: IKARUS Security Software | Tags: api, malware, virus

Georgia Institute of Technology White Papers

Scalability of Network-Failure Resilience

Featured white papers

The Value of Location Intelligence in the Communications Industry

Pitney Bowes

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities...

Download now »
Best Practices for Translating Customer Satisfaction into Revenue

Citrix Online

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language...

Download now »
HP print solutions and 3M

Hewlett-Packard (HP)

The objective for 3M was to optimize office printing infrastructure at 3M locations worldwide, reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print solutions...

Download now »