Evading Anti-debugging Techniques with Binary Substitution

Authors

  • JaeKeun Lee
  • BooJoong Kang
  • Eul Gyu Im
Abstract

Anti-debugging technology refers to various ways of preventing binary files from being analyzed in debuggers or other virtual machine environments. If binary files conceal or modify themselves using anti-debugging techniques, analyzing them becomes harder. Some anti-anti-debugging techniques have been proposed so far, but malware developers make dynamic analysis difficult in various ways, such as execution time delays, debugger detection techniques, and so on. In this paper, we propose a method for evading anti-debugging techniques in binary files, and show several samples of anti-debugging applications and how to detect and patch anti-debugging techniques in common utilities or malicious code effectively.


Similar resources

The Kinetics and Mechanisms of Substitution Reactions of Trans-[Co(en)2CNCl]+ in Binary Mixed Solvent

The kinetics and mechanisms of the substitution reactions of trans-[Co(en)2CNCl]+ with unidentate anions,  , CN¯, I¯,  , Br¯ and SCN¯ in 60% v/v DMF-H2O binary solvent at 40.0±0.2 °C were studied spectrophotometrically. An Id mechanism was assigned for the replacement of chlorine by , CN¯ and I¯, an Ia one for...


Annotated Control Flow Graph for Metamorphic Malware Detection

Metamorphism is a technique that mutates the binary code using different obfuscations and never keeps the same sequence of opcodes in the memory. This stealth technique provides the capability to a malware for evading detection by simple signature-based (such as instruction sequences, byte sequences and string signatures) anti-malware programs. In this paper, we present a new scheme named Annot...


Debugging Aspect-Enabled Programs

The ability to debug programs composed using aspect-oriented programming (AOP) techniques is critical to the adoption of AOP. Nevertheless, many AOP systems lack adequate support for debugging, making it difficult to diagnose faults and understand the program's composition and control flow. We present an AOP debug model that characterizes AOP-specific program composition techniques and AOP-spec...


Poster: Evading Web Malware Classifiers using Genetic Programming

Malware classifiers based on machine learning models have become increasingly popular. These classifiers use a combination of structural and dynamic features to detect malware in various domains, including PDF, binaries, and web pages. We propose to use genetic programming techniques to automatically generate variants of malicious web pages that evade state-of-the-art classifiers. Our method bui...



Publication date: 2014