Skip to Main content Skip to Navigation
Conference papers

Unconditional self-modifying code elimination with dynamic compiler optimizations

Isabelle Gnaedig 1, * Matthieu Kaczmarek 1 Daniel Reynaud 1 Stéphane Wloka 1
* Corresponding author
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : This paper deals with the issue of self-modifying code and packed programs, a long-standing problem commonly addressed by emulation techniques and memory dumps. We propose an original semantics-based approach to simplify dynamic code analysis, by using compiler optimization techniques to get rid of code-generating instructions. For this, we use classic slicing techniques to identify code dependencies. As it is semantics-based, our approach allows us to rely on strongly established formal methods and is a promising approach for handling packed programs.
Document type :
Conference papers
Complete list of metadatas

Cited literature [24 references]  Display  Hide  Download

https://hal.inria.fr/inria-00538376
Contributor : Isabelle Gnaedig <>
Submitted on : Monday, November 22, 2010 - 1:51:54 PM
Last modification on : Tuesday, December 18, 2018 - 4:48:02 PM
Long-term archiving on: : Friday, October 26, 2012 - 4:20:19 PM

File

packer.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : inria-00538376, version 1

Collections

Citation

Isabelle Gnaedig, Matthieu Kaczmarek, Daniel Reynaud, Stéphane Wloka. Unconditional self-modifying code elimination with dynamic compiler optimizations. 5th International Conference on Malicious and Unwanted Software, Fernando C. Colón Osorio, Oct 2010, Nancy, France. ⟨inria-00538376⟩

Share

Metrics

Record views

269

Files downloads

708