Detection Techniques for DBI Environment in Windows
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Park, Seongwoo | - |
| dc.contributor.author | Park, Yongsu | - |
| dc.date.accessioned | 2024-11-28T14:01:10Z | - |
| dc.date.available | 2024-11-28T14:01:10Z | - |
| dc.date.issued | 2024-03 | - |
| dc.identifier.issn | 2079-9292 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/196731 | - |
| dc.description.abstract | Dynamic binary instrumentation (DBI) is a technique that enables the monitoring and analysis of software, providing enhanced performance compared to other analysis tools. However, to provide the robust dynamic analysis capabilities, it commonly requires the setup of separate environments for analysis, thereby increasing the contrast with normal execution and the distinctive features that may reveal the presence of the DBI environment. Malware adapts to detect the presence of DBI environments, and it consequently leads to the expansion of the attack surface. In this paper, we provide an in-depth exploration of anti-instrumentation techniques that can be exploited by malware, with a specific focus on the Windows operating system. Leveraging the unique features of the DBI environment, we introduce and categorize DBI detection techniques. Additionally, we conduct a comprehensive analysis of the techniques through the implementation algorithms with bypassing methods for the techniques. Our experiments showcase the effectiveness of these techniques on the latest versions of several DBI frameworks. Furthermore, we address associated concerns with the aim of contributing to the development of enhanced tools to combat malicious activities exploiting DBI and propose directions for future research. | - |
| dc.format.extent | 22 | - |
| dc.language | English | - |
| dc.language.iso | ENG | - |
| dc.publisher | MDPI AG | - |
| dc.title | Detection Techniques for DBI Environment in Windows | - |
| dc.type | Article | - |
| dc.publisher.location | Switzerland | - |
| dc.identifier.doi | 10.3390/electronics13050871 | - |
| dc.identifier.scopusid | 2-s2.0-85187883580 | - |
| dc.identifier.wosid | 001182869700001 | - |
| dc.identifier.bibliographicCitation | Electronics (Basel), v.13, no.5, pp 1 - 22 | - |
| dc.citation.title | Electronics (Basel) | - |
| dc.citation.volume | 13 | - |
| dc.citation.number | 5 | - |
| dc.citation.startPage | 1 | - |
| dc.citation.endPage | 22 | - |
| dc.type.docType | Article | - |
| dc.description.isOpenAccess | Y | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalResearchArea | Engineering | - |
| dc.relation.journalResearchArea | Physics | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
| dc.relation.journalWebOfScienceCategory | Physics, Applied | - |
| dc.subject.keywordAuthor | computer security | - |
| dc.subject.keywordAuthor | dynamic binary instrumentation | - |
| dc.subject.keywordAuthor | reverse engineering | - |
| dc.subject.keywordAuthor | software protection | - |
| dc.identifier.url | https://www.mdpi.com/2079-9292/13/5/871 | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
