Using of the forensic analyzing tools, code obfuscation

2017 IEEE 15th International Symposium on Applied Machine Intelligence and Informatics (SAMI) Pub Date : 1900-01-01 DOI:10.1109/SAMI.2017.7880329

L. Vokorokos, Zuzana Dankovičová, L. Lescisin

{"title":"Using of the forensic analyzing tools, code obfuscation","authors":"L. Vokorokos, Zuzana Dankovičová, L. Lescisin","doi":"10.1109/SAMI.2017.7880329","DOIUrl":null,"url":null,"abstract":"The main goal of this paper is analyzing the methods of code analysis and proposing the most appropriate methods of sample analysis, executing the process of analyzing the available online and offline analyzing tools and explore ways to prevent hiding malicious pieces of code into the source code. Another aim is to focus on what the obfuscation technique of source code has to offer. Obfuscation can be understood as the transformation of program into another program or special case of data coding. The main purpose of this technique is transform the program to prevent its subsequent analysis and understanding, while the functionality of the program is preserved. Because the code obfuscation is a low cost technique and does not affect portability, it represents one of the most promising methodologies for defending programs against malicious host attacks, as backed up by the increasing interest in this technology. The usual obfuscation approaches that are particularly used by metamorphic viruses are for example data flow and control flow obfuscation.","PeriodicalId":105599,"journal":{"name":"2017 IEEE 15th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 15th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAMI.2017.7880329","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

The main goal of this paper is analyzing the methods of code analysis and proposing the most appropriate methods of sample analysis, executing the process of analyzing the available online and offline analyzing tools and explore ways to prevent hiding malicious pieces of code into the source code. Another aim is to focus on what the obfuscation technique of source code has to offer. Obfuscation can be understood as the transformation of program into another program or special case of data coding. The main purpose of this technique is transform the program to prevent its subsequent analysis and understanding, while the functionality of the program is preserved. Because the code obfuscation is a low cost technique and does not affect portability, it represents one of the most promising methodologies for defending programs against malicious host attacks, as backed up by the increasing interest in this technology. The usual obfuscation approaches that are particularly used by metamorphic viruses are for example data flow and control flow obfuscation.

查看原文本刊更多论文

使用取证分析工具，进行代码混淆

本文的主要目标是分析代码分析的方法，提出最合适的样本分析方法，执行现有的在线和离线分析工具的分析过程，并探索如何防止将恶意代码隐藏到源代码中。另一个目的是关注源代码的混淆技术必须提供什么。混淆可以理解为将一个程序转换为另一个程序或数据编码的特殊情况。这种技术的主要目的是转换程序以防止后续的分析和理解，同时保留程序的功能。由于代码混淆是一种低成本的技术，而且不影响可移植性，因此它代表了保护程序免受恶意主机攻击的最有前途的方法之一，这一点得到了对该技术日益增长的兴趣的支持。变形病毒特别使用的通常混淆方法例如数据流和控制流混淆。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 IEEE 15th International Symposium on Applied Machine Intelligence and Informatics (SAMI)

自引率

0.00%

发文量