A Framework for Understanding Dynamic Anti-Analysis Defenses
| Content Provider | ACM Digital Library |
|---|---|
| Author | Qiu, Jing; Yadegari, Babak; Su, Xiaohong; Johannesmeyer, Brian; Debray, Saumya |
| Abstract | Malicious code often uses a variety of anti-analysis and anti-tampering defenses to hinder analysis. Researchers trying to understand the internal logic of the malware have to penetrate these defenses. Existing research on such anti-analysis defenses tends to study them in isolation, thereby failing to see underlying conceptual similarities between different kinds of anti-analysis defenses. This paper proposes an information-flow-based framework that encompasses a wide variety of anti-analysis defenses. We illustrate the utility of our approach using two different instances of this framework: self-checksumming-based anti-tampering defenses and timing-based emulator detection. Our approach can provide insights into the underlying structure of various anti-analysis defenses and thereby help devise techniques for neutralizing them. |
| Starting Page | 1 |
| Ending Page | 9 |
| Page Count | 9 |
| File Format | |
| ISBN | 9781605586373 |
| DOI | 10.1145/2689702.2689704 |
| Language | English |
| Publisher | Association for Computing Machinery (ACM) |
| Publisher Date | 2014-12-09 |
| Publisher Place | New York |
| Access Restriction | Subscribed |
| Subject Keyword | Anti-analysis defense; Self-checksumming; Taint analysis; Timing defense |
| Content Type | Text |
| Resource Type | Article |