• DocumentCode
    2346890
  • Title

    Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation

  • Author

    Raber, Jason ; Laspe, Eric

  • fYear
    2007
  • fDate
    28-31 Oct. 2007
  • Firstpage
    275
  • Lastpage
    276
  • Abstract
    The Deobfuscator is an IDA Pro plug-in that neutralizes anti-disassembly code and transforms obfuscated code to simplified code in the actual binary. This plug-in is used in conjunction with a binary injector to remove obfuscated code and replace it with a simplified, transformed equivalent. We developed this tool in assessing strengths of protections and malware analysis for DoD government entities and commercial companies.
  • Keywords
    invasive software; program diagnostics; reverse engineering; software engineering; Deobfuscator; IDA Pro plug-in; antidisassembly code; binary code; binary injector; code obfuscation identification; code obfuscation removal; malware analysis; protection strength assessment; reverse engineering; Application software; Automatic control; Emulation; Government; Pattern matching; Pattern recognition; Protection; Registers; Reverse engineering; Software algorithms;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Reverse Engineering, 2007. WCRE 2007. 14th Working Conference on
  • Conference_Location
    Vancouver, BC
  • ISSN
    1095-1350
  • Print_ISBN
    978-0-7695-3034-5
  • Type

    conf

  • DOI
    10.1109/WCRE.2007.18
  • Filename
    4400176
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2346890