68 0

Evading anti-debugging techniques with binary substitution

Title
Evading anti-debugging techniques with binary substitution
Author
임을규
Keywords
Malware Analysis; Anti-debugging detection; Static Analysis; Dynamic Analysis
Issue Date
2014-01
Publisher
보안공학연구지원센터(IJSIA)
Citation
International Journal of Security and Its Applications, 01/30/2014, Vol. 8, Issue 1, p. 183-192
Abstract
Anti-debugging technology refers to various ways of preventing binary files from being analyzed in debuggers or other virtual machine environments. If binary files conceal or modify themself using anti-debugging techniques, analyzing these binary files becomes harder. There are some anti-anti-debugging techniques proposed so far, but malware developers make dynamic analysis difficult using various ways, such as execution time delay, debugger detection techniques and so on. In this paper, we propose a Evading Anti-debugging techniques method that can avoid anti-debugging techniques in binary files, and showed several samples of anti-debugging applications and how to detect and patch anti-debugging techniques in common utilities or malicious code effectively.
URI
http://www.earticle.net/Article.aspx?sn=218100http://hdl.handle.net/20.500.11754/47148
ISSN
1738-9976
DOI
10.14257/ljsia.2014.8.1.17
Appears in Collections:
COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE