DocumentCode :
3287277
Title :
Static Analysis of Malware to Detect Exception Return
Author :
Yichi, Zhang ; Jianmin, Pang ; Lili, Bai ; Wen, Fu
Author_Institution :
Nat. Digital Switching Syst. Eng. & Technol. Res. Center, Zhengzhou, China
Volume :
3
fYear :
2009
fDate :
15-17 May 2009
Firstpage :
690
Lastpage :
693
Abstract :
Malware is rapidly becoming a major security issue. In order to avoid being analyzed statically, malware resorts to various obfuscation techniques to hide its malicious behaviors. The technique based on the exception return of a subroutine is one of these techniques. Currently, disassemblers cannot deal with malware which uses this technique. This paper presents a static disassembly algorithm based on a virtual stack for handling malware with exception return. The result of the test proves that the algorithm is effective.
Keywords :
invasive software; exception return detection; malware; obfuscation techniques; static disassembly algorithm; virtual stack; Algorithms; Computer viruses; Information analysis; Information security; Information technology; National security; Pattern matching; Switching systems; Systems engineering and theory; Testing; Disassemble; Malware; Obfuscation;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information Technology and Applications, 2009. IFITA '09. International Forum on
Conference_Location :
Chengdu
Print_ISBN :
978-0-7695-3600-2
Type :
conf
DOI :
10.1109/IFITA.2009.137
Filename :
5232220