DocumentCode
1799232
Title
Survey on malware anti-analysis
Author
Yuxin Gao ; Zexin Lu ; Yuqing Luo
Author_Institution
Nat. Univ. of Defense Technol., Changsha, China
fYear
2014
fDate
18-20 Aug. 2014
Firstpage
270
Lastpage
275
Abstract
The anti-analysis technology of malware has always been a focus of the computer security field. Malware implements self-protection through anti-static analysis and anti-dynamic analysis: anti-static analysis uses packers and code obfuscation to disrupt disassembly and the identification of control flow; anti-dynamic analysis detects information about the system operating environment to achieve anti-tracking against debuggers and virtual machines. This paper analyzes in depth and summarizes the principles of the various anti-analysis techniques used by malware, explores the advantages, disadvantages and applicability of these techniques, and provides some ideas and technical directions for the development of malware analysis techniques.
Keywords
invasive software; program debugging; program diagnostics; virtual machines; antidynamic analysis; antistatic analysis; debugger; malware antianalysis; packers and code obfuscation; virtual machines; Encryption; Feature extraction; Kernel; Malware; Registers; Virtual machining;
fLanguage
English
Publisher
ieee
Conference_Titel
Intelligent Control and Information Processing (ICICIP), 2014 Fifth International Conference on
Conference_Location
Dalian
Print_ISBN
978-1-4799-3649-6
Type
conf
DOI
10.1109/ICICIP.2014.7010353
Filename
7010353