Rule-based anti-anti-debugging system
- Authors
- Lee, Jaekeun; Kang, Boojoong; Im, Eul Gyu
- Issue Date
- Oct-2013
- Publisher
- Association for Computing Machinary, Inc.
- Keywords
- anti-debugging detection; malware analysis; static analysis
- Citation
- Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS 2013, pp.353 - 354
- Indexed
- SCOPUS
- Journal Title
- Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS 2013
- Start Page
- 353
- End Page
- 354
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/161779
- DOI
- 10.1145/2513228.2513301
- ISSN
- 0000-0000
- Abstract
- Anti-debugging technology refers to various ways of preventing binary files from being analyzed in debuggers or other virtual machine environments. If binary files conceal or modify themself using anti-debugging techniques, analyzing these binary files becomes harder. There are some anti-anti-debugging techniques proposed so far, but malware developers make dynamic analysis difficult using various ways, such as execution time delay, debugger detection techniques and so on. In this paper, we propose a rule-based system that can avoid anti-debugging techniques in binary files, and showed several samples of anti-debugging applications and how to detect and patch anti-debugging techniques in common utilities or malicious code effectively.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.