Title: Automated static analysis of virtual-machine packers
Author(s): Leong, Joseph
Advisor(s): Caesar, Matthew C.
Department / Program: Computer Science
Discipline: Computer Science
Degree Granting Institution: University of Illinois at Urbana-Champaign
Low-level Systems
Abstract: The ability to reverse the most advanced software protection schemes is a critical step in mitigating malicious code attacks. Unfortunately, the analyst side seems to be losing in the ongoing arms race between malware developers and reverse engineers. Obfuscation that takes advantage of a virtual-machine like architecture has proven to be one of the most difficult to deal with. Virtual-machine packers are able to hide the intentions of programs they are applied to and are resistant to formerly effective unpacking techniques. Others have proposed methods to deal with such complex protections, but they are often tedious, expensive, and/or inflexible. We propose a novel approach to automate the analysis process of virtualization protected executables. Our design avoids many pitfalls and performance issues of dynamic-analysis systems by only employing static program-analysis techniques and emphasizing work-reuse and generality in order to maintain efficiency, flexibility, and accessibility, for even novice analysts. The proof-of-concept system we have developed shows promise for the future of virtual-machine protected software analysis.
Issue Date: 2013-08-22
Rights Information: Copyright 2013 by Joseph Kwun Leong. All rights reserved.
Date Available in IDEALS: 2013-08-22
Date Deposited: 2013-08