Server-Side Dynamic Code Analysis

Wadie Guizani (1), Jean-Yves Marion (1), Daniel Reynaud (1)
(1) CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: The common use of packers is a real challenge for the anti-virus community. Indeed, a static signature analysis can usually only detect and sometimes remove known packers if a specific unpacking routine has been programmed manually. Generic unpacking does not solve the problem due to its limited effectiveness. Additionally, the important number of binaries to scan on a daily basis makes automated analysis necessary in order to protect information systems. In this context, we propose a taxonomy of self-modifying behaviors, a generic method to detect them in potentially malicious samples and a scalable architecture for the distributed analysis of a high volume of binaries.
Document type: Conference paper
4th International Conference on Malicious and Unwanted Software - Malware 2009, Oct 2009, Montréal, Canada. IEEE, pp.55-62, 2009

Cited literature: 24 references

https://hal.inria.fr/inria-00425554
Contributor: Wadie Guizani
Submitted on: Thursday, October 22, 2009 - 11:04:02
Last modified on: Thursday, January 11, 2018 - 06:21:25
Document(s) archived on: Tuesday, October 16, 2012 - 12:35:08

File

Server-Side_Dynamic_Code_Analy...
Files produced by the author(s)

Identifiers

  • HAL Id: inria-00425554, version 1

Citation

Wadie Guizani, Jean-Yves Marion, Daniel Reynaud. Server-Side Dynamic Code Analysis. 4th International Conference on Malicious and Unwanted Software - Malware 2009, Oct 2009, Montréal, Canada. IEEE, pp.55-62, 2009. 〈inria-00425554〉

Metrics

Record views: 200

File downloads: 245