Conference papers

Server-Side Dynamic Code Analysis

Wadie Guizani 1, Jean-Yves Marion 1, Daniel Reynaud 1
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : The common use of packers is a real challenge for the anti-virus community. Indeed, a static signature analysis can usually only detect, and sometimes remove, known packers if a specific unpacking routine has been programmed manually. Generic unpacking does not solve the problem due to its limited effectiveness. Additionally, the large number of binaries to scan on a daily basis makes automated analysis necessary in order to protect information systems. In this context, we propose a taxonomy of self-modifying behaviors, a generic method to detect them in potentially malicious samples, and a scalable architecture for the distributed analysis of a high volume of binaries.
Document type :
Conference papers
Cited literature [24 references]

https://hal.inria.fr/inria-00425554
Contributor : Wadie Guizani
Submitted on : Thursday, October 22, 2009 - 11:04:02 AM
Last modification on : Thursday, November 5, 2020 - 2:57:07 PM
Long-term archiving on : Tuesday, October 16, 2012 - 12:35:08 PM

File

Server-Side_Dynamic_Code_Analy...
Files produced by the author(s)

Identifiers

  • HAL Id : inria-00425554, version 1

Citation

Wadie Guizani, Jean-Yves Marion, Daniel Reynaud. Server-Side Dynamic Code Analysis. 4th International Conference on Malicious and Unwanted Software - Malware 2009, Fernando C. Colon Osorio, Oct 2009, Montréal, Canada. pp.55-62. ⟨inria-00425554⟩
