Institutional Repository
| efficient and automatic instrumentation for packed binaries | |
| Wu Yanjun; Chiuch Tzi-cker; Zhao Chen | |
| 2009 | |
| Conference Name | 3rd International Conference on Information Security and Assurance |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Conference Date | JUN 25-27, |
| Conference Place | Seoul, SOUTH KOREA |
| Publish Place | HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY |
| Publisher | ADVANCES IN INFORMATION SECURITY AND ASSURANCE |
| ISSN | 0302-9743 |
| ISBN | 978-3-642-02616-4 |
| Department | Wu, Yanjun; Zhao, Chen Chinese Acad Sci, Inst Software, Beijing, Peoples R China. |
| English Abstract | Many modern software security techniques require transformation of executable binaries to add security features. Such transformation heavily depends on the correct and effecient disassembly. However, an increasing number of application binaries are packed before being distributed in the commercial world. Packed binaries are a special type of self-modifying code, which existing binary disassembly tools do not support very well, especially when automatic instrumentation is needed. This paper describes the design, implementation and evaluation of an efficient and automatic binary instrumentation tool for packed Win32/X86 binaries called Uncover. Uncover features two novel techniques: statically distinct packed binaries by entropy computation to minimize run-time disassembly overhead, and accurate tracking of binary unpacking process during runtime. These two techniques make it possible to disassemble Win32/X86 packed binaries as if they were never packed. |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/8354 |
| Collection | 基础软件国家工程研究中心 |
| Recommended Citation GB/T 7714 | Wu Yanjun,Chiuch Tzi-cker,Zhao Chen. efficient and automatic instrumentation for packed binaries[C]. HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY:ADVANCES IN INFORMATION SECURITY AND ASSURANCE,2009. |
| Files in This Item: | ||||||
| File Name/Size | DocType | Version | Access | License | ||
| efficient and automa(364KB) | 开放获取 | -- | Application Full Text | |||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment