, Blue pill detection, SyScan, 2007.
, Ttanalyze: A tool for analyzing malware, 2006.
, Pandora's bochs: Automatic unpacking of malware, 2008.
, Efficient, transparent, and comprehensive runtime code manipulation, 2004.
, Extending joebox -a scriptable malware analysis system, 2008.
, 4 x 5: Reverse engineering automation with python, Black Hat USA, 2007.
, Malware -behavior, tools, scripting and advanced analysis, HITB, 2008.
, Security applications for emulation, Ruxcon, 2008.
, Attacks on virtual machine emulators, AVAR Conference, 2006.
, Anti-unpacker tricks, 2008.
, Formal model proposal for (malware) program stealth, In Virus Bulletin, 2007.
, Generic unpacking ? how to handle modified or unknown pe compression engines? In Virus Bulletin, 2005.
, A Study of the Packer Problem and Its Solutions, RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, pp.98-115, 2008.
DOI : 10.1007/978-3-540-87403-4_6
, Secure and advanced unpacking using computer emulation, Journal in Computer Virology, vol.3, issue.3, 2007.
DOI : 10.1007/s11416-007-0046-0
, Analyse et detection dynamique de code viraux dans un contexte cryptographique, 2009.
, Renovo: A hidden code extractor for packed executables, 5th ACM Workshop on Recurring Malcode, 2007.
, Scoopyng -the vmware detection tool, 2008.
, Pin: Building customized program analysis tools with dynamic instrumentation, Programming Language Design and Implementation (PLDI), 2005.
, Exploring Multiple Execution Paths for Malware Analysis, 2007 IEEE Symposium on Security and Privacy (SP '07), pp.231-245, 2007.
DOI : 10.1109/SP.2007.17
, covert debugging, circumventing software armoring techniques, Black Hat USA, 2007.
, Alternative medicine: The malware analyst's bluepill, Black Hat USA, 2008.
, or how to detect vmm using (almost) one cpu instruction, 2004.
, Toward automated dynamic malware analysis using cwsandbox. Security and Privacy, IEEE, vol.5, issue.2, pp.32-39, 2007.
DOI : 10.1109/msp.2007.45