Blue pill detection, SyScan, 2007. ,
Ttanalyze: A tool for analyzing malware, 2006. ,
Pandora's bochs: Automatic unpacking of malware, 2008. ,
Efficient, transparent, and comprehensive runtime code manipulation, 2004. ,
Extending joebox -a scriptable malware analysis system, 2008. ,
4 x 5: Reverse engineering automation with python, Black Hat USA, 2007. ,
Malware -behavior, tools, scripting and advanced analysis, HITB, 2008. ,
Security applications for emulation, Ruxcon, 2008. ,
Attacks on virtual machine emulators, AVAR Conference, 2006. ,
Anti-unpacker tricks, 2008. ,
Formal model proposal for (malware) program stealth, In Virus Bulletin, 2007. ,
Generic unpacking ? how to handle modified or unknown pe compression engines? In Virus Bulletin, 2005. ,
A Study of the Packer Problem and Its Solutions, RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, pp.98-115, 2008. ,
DOI : 10.1007/978-3-540-87403-4_6
Secure and advanced unpacking using computer emulation, Journal in Computer Virology, vol.3, issue.3, 2007. ,
DOI : 10.1007/s11416-007-0046-0
Analyse et detection dynamique de code viraux dans un contexte cryptographique, 2009. ,
Renovo: A hidden code extractor for packed executables, 5th ACM Workshop on Recurring Malcode, 2007. ,
Scoopyng -the vmware detection tool, 2008. ,
Pin: Building customized program analysis tools with dynamic instrumentation, Programming Language Design and Implementation (PLDI), 2005. ,
Exploring Multiple Execution Paths for Malware Analysis, 2007 IEEE Symposium on Security and Privacy (SP '07), pp.231-245, 2007. ,
DOI : 10.1109/SP.2007.17
covert debugging, circumventing software armoring techniques, Black Hat USA, 2007. ,
Alternative medicine: The malware analyst's bluepill, Black Hat USA, 2008. ,
or how to detect vmm using (almost) one cpu instruction, 2004. ,
Toward automated dynamic malware analysis using cwsandbox. Security and Privacy, IEEE, vol.5, issue.2, pp.32-39, 2007. ,
DOI : 10.1109/msp.2007.45