会议论文详细信息
International Conference on Design, Engineering and Computer Sciences 2018
Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
工业技术;计算机科学
Lim, Charles^1,2 ; Suryadi^3 ; Ramli, Kalamullah^1 ; Suhandi^2
Department of Electrical Engineering, Universitas Indonesia, Kampus UI, Depok
16424, Indonesia^1
Information Technology Department, Swiss German University, Kota Tangerang, Banten
15143, Indonesia^2
Department of Mathematics, Universitas Indonesia, Kampus UI, Depok
16424, Indonesia^3
关键词: Code extraction;    Executed instructions;    Malicious codes;    Memory locations;    Section size;   
Others  :  https://iopscience.iop.org/article/10.1088/1757-899X/453/1/012001/pdf
DOI  :  10.1088/1757-899X/453/1/012001
来源: IOP
PDF
【 摘 要 】

Malware authors often use binary packers to hinder the malicious code from reverse-engineered by malware analyst. There have been many studies done on providing different approaches on unpacking the packed binary executable. Our previous works have successfully relied on the written memory section size as an indicator to extract hidden-code during the unpacking process. This paper enhances our previous work by locating executed instruction in the written memory section to provide a more precise memory location in extracting hidden code from the packed binary executable. The result of our experiments exhibits higher similarity result for all packers and benign applications compared to our previous works.

【 预 览 】
附件列表
Files Size Format View
Mal-XT: Higher accuracy hidden-code extraction of packed binary executable 253KB PDF download
  文献评价指标  
  下载次数:12次 浏览次数:21次