Generic unpacking of self-modifying, aggressive, packed binary programs Extending joebox -a scriptable malware analysis system, 2008. ,
Ttanalyze: A tool for analyzing malware, 15th European Institute for Computer Antivirus Research, 2006. ,
Dispatcher, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.621-634, 2009. ,
DOI : 10.1145/1653662.1653737
Polyglot, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, 2007. ,
DOI : 10.1145/1315245.1315286
Ether, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, 2008. ,
DOI : 10.1145/1455770.1455779
Engin Kirda, Heng Yin, and Dawn Song. Dynamic spyware analysis, Proceedings of USENIX Annual Technical Conference, 2007. ,
Automated Identification of Cryptographic Primitives in Binary Programs, The 14th International Symposium on Recent Advances in Intrusion Detection (RAID), 2011. [HR] Hex-Rays. Hex-rays decompiler ,
DOI : 10.1007/978-3-642-04444-1_13
Intel 64 and ia-32 architectures software developer's manual Basic architecture, pp.142-143, 2010. ,
Automatic network protocol analysis Pin: building customized program analysis tools with dynamic instrumentation, 15th Annual Network and Distributed System Security Symposium 2008. [LCM + 05] Proceedings of the 2005 ACM SIG- PLAN conference on Programming language design and implementation, PLDI '05, pp.190-200, 2005. ,
Automatic protocol format reverse engineering through conectect-aware monitored execution Towards revealing attackers intent by automatically decrypting network traffic Know your enemy: Containing conficker -to tame a malware, 15th Symposium on Network and Distributed System Security (NDSS) Know Your Enemy Series of the Honeynet Project, 2008. ,
Limits of Static Analysis for Malware Detection, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), 2007. ,
DOI : 10.1109/ACSAC.2007.21
Testing CPU emulators, Proceedings of the eighteenth international symposium on Software testing and analysis, ISSTA '09, 2009. ,
DOI : 10.1145/1572272.1572303
Dynamic taint analysis: Automatic detection , analysis, and signature generation of exploit attacks on commodity software A foray into confickers logic and rendezvous points Visualizing compiled executables for malware analysis Visualizing compiled executables for malware analysis, Proceedings of the Network and Distributed Systems Security Symposium, 2005. [PSY09] Phillip Porras, Hassen Saidi, and Vinod Yegneswaran LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats 6th International Workshop on Visualization for Cyber Security Journal in Computer Virology, 2009. ,
Dynamic program analysis of Microsoft Windows applications, 2010 IEEE International Symposium on Performance Analysis of Systems & Software (ISPASS), 2010. ,
DOI : 10.1109/ISPASS.2010.5452079
Cobra: fine-grained malware analysis using stealth localized-executions, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006. ,
DOI : 10.1109/SP.2006.9
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.104.344
Toward Automated Dynamic Malware Analysis Using CWSandbox, IEEE Security and Privacy Magazine, vol.5, issue.2, 2007. ,
DOI : 10.1109/MSP.2007.45
Temu: Binary code analysis via whole-system layered annotative execution, 2010. ,
Reformat: Automatic reverse engineering of encrypted messages, 2008. ,