Title :
Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation
Author :
Raber, Jason ; Laspe, Eric
Abstract :
The Deobfuscator is an IDA Pro plug-in that neutralizes anti-disassembly code and transforms obfuscated code to simplified code in the actual binary. This plug-in is used in conjunction with a binary injector to remove obfuscated code and replace it with a simplified, transformed equivalent. We developed this tool in assessing strengths of protections and malware analysis for DoD government entities and commercial companies.
Keywords :
invasive software; program diagnostics; reverse engineering; software engineering; Deobfuscator; IDA Pro plug-in; antidisassembly code; binary code; binary injector; code obfuscation identification; code obfuscation removal; malware analysis; protection strength assessment; reverse engineering; Application software; Automatic control; Emulation; Government; Pattern matching; Pattern recognition; Protection; Registers; Reverse engineering; Software algorithms;
Conference_Title :
Reverse Engineering, 2007. WCRE 2007. 14th Working Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-0-7695-3034-5
DOI :
10.1109/WCRE.2007.18