DocumentCode :
1597932
Title :
Unconditional self-modifying code elimination with dynamic compiler optimizations
Author :
Gnaedig, Isabelle ; Kaczmarek, Matthieu ; Reynaud, Daniel ; Wloka, Stéphane
Author_Institution :
INRIA, LORIA, France
fYear :
2010
Firstpage :
47
Lastpage :
54
Abstract :
This paper deals with the issue of self-modifying code and packed programs, a long-standing problem commonly addressed by emulation techniques and memory dumps. We propose an original semantics-based approach to simplify dynamic code analysis, by using compiler optimization techniques to get rid of code-generating instructions. For this, we use classic slicing techniques to identify code dependencies. As it is semantics-based, our approach allows us to rely on strongly established formal methods and is a promising approach for handling packed programs.
Keywords :
optimisation; program compilers; system monitoring; classic slicing technique; code-generating instruction; dynamic code analysis; dynamic compiler optimization; emulation technique; formal method; memory dump; packed program handling; unconditional self-modifying code elimination; Heuristic algorithms; Malware; Monitoring; Optimization; Payloads; Runtime; Software;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Malicious and Unwanted Software (MALWARE), 2010 5th International Conference on
Conference_Location :
Nancy, Lorraine
Print_ISBN :
978-1-4244-9353-1
Type :
conf
DOI :
10.1109/MALWARE.2010.5665795
Filename :
5665795