Binary-code obfuscations in prevalent packer tools

Abstract

The first steps in analyzing defensive malware are understanding what obfuscations are present in real-world malware binaries, how these obfuscations hinder analysis, and how they can be overcome. While some obfuscations have been reported independently, this survey consolidates the discussion while adding substantial depth and breadth to it. This survey also quantifies the relative prevalence of these obfuscations by using the Dyninst binary analysis and instrumentation tool that was recently extended for defensive malware analysis. The goal of this survey is to encourage analysts to focus on resolving the obfuscations that are most prevalent in real-world malware. © 2013 ACM.

Cite

Roundy, K. A., & Miller, B. P. (2013, July 1). Binary-code obfuscations in prevalent packer tools. ACM Computing Surveys. https://doi.org/10.1145/2522968.2522972
