Dynamic Binary Instrumentation for Deobfuscation and Unpacking

Daniel Reynaud (1), Jean-Yves Marion (1)
(1) CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: We propose to extend the toolbox of reverse engineers beyond disassemblers, debuggers and emulators. Using dynamic binary instrumentation, it is very simple to write advanced tools such as automatic unpackers, system call tracers and deobfuscators. Based on our experiments, DBI is suitable for malware analysis. In this presentation, we will present a simple and accurate automatic unpacker integrated with IDA Pro and a JavaScript deobfuscator, all written using DBI techniques.
Document type: Conference paper
IN-DEPTH SECURITY CONFERENCE 2009 EUROPE, Nov 2009, Vienne, Austria. 2009
https://hal.inria.fr/inria-00431666
Contributor: Daniel Reynaud
Submitted on: Thursday, 12 November 2009 - 17:15:30
Last modified on: Thursday, 11 January 2018 - 06:21:25

Identifiers

  • HAL Id: inria-00431666, version 1

Citation

Daniel Reynaud, Jean-Yves Marion. Dynamic Binary Instrumentation for Deobfuscation and Unpacking. IN-DEPTH SECURITY CONFERENCE 2009 EUROPE, Nov 2009, Vienne, Austria. 2009. 〈inria-00431666〉
