Abstract
Software armoring techniques have been causing problems in malware analysis. They obscure and protect malware code, making analysis difficult to conduct. As more malware is armored, new methods are required to make analysis easier and faster. In this paper, we introduce an automated method to detect malware unpacking activities using dynamic binary instrumentation. It uses bi-gram analysis and fine-grained analysis tracking to monitor execution. Our results, using off-the-shelf packing tools on both packed malware and packed binaries, show that dynamic binary instrumentation can be used as a powerful tool to track obfuscated binaries.
Field | Value |
---|---|
Original language | English |
Pages (from-to) | 3333-3336 |
Number of pages | 4 |
Journal | Advanced Science Letters |
Volume | 21 |
Issue number | 10 |
Publication status | Published - Oct 2015 |
Keywords
- Dynamic binary instrumentation
- Malware analysis
- Packing