Survey on malware anti-analysis

Yuxin Gao, Zexin Lu, Y. Luo
DOI: 10.1109/ICICIP.2014.7010353 (https://doi.org/10.1109/ICICIP.2014.7010353)
Published in: Fifth International Conference on Intelligent Control and Information Processing
Publication date: 2014-08-01
Citations: 28

Abstract

Anti-analysis technology in malware has long been a focus of the computer security field. Malware protects itself through anti-static analysis and anti-dynamic analysis: anti-static analysis uses packers and code obfuscation to disrupt disassembly and the identification of control flow; anti-dynamic analysis inspects information about the system operating environment to resist tracing by debuggers and virtual machines. This paper analyzes in depth and summarizes the principles of the various anti-analysis techniques used by malware, explores the advantages, disadvantages and applicability of these techniques, and provides some ideas and technical direction for the development of malware analysis techniques.