论文信息 - Program Transformations and Obfuscations

Program Transformations and Obfuscations

Software feature extraction must cope with transformations that are intended to obscure, evolve, or rewrite the program. For example, malware polymorphism and metamorphism are transformations applied to the malicious code to evade signature detection. Robust signatures must identify the invariant birthmarks under these transformations. This chapter focuses on analysing these types of program transformations and obfuscations including compiler optimsations, recompilation, plagiarism, software theft, derivative works, malware packing, malware polymorphism and malware metamorphism.

Yang Xiang | Silvio Cesare

[1] Wenke Lee,et al. PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[2] Michael Luck,et al. Plagiarism in programming assignments , 1999 .

[3] Saumya K. Debray,et al. Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.

[4] Somesh Jha,et al. Testing malware detectors , 2004, ISSTA '04.

[5] Wenke Lee,et al. Rotalumè: A Tool for Automatic Reverse Engineering of Malware Emulators , 2009 .

[6] Christian S. Collberg,et al. A Taxonomy of Obfuscating Transformations , 1997 .

[7] Jonathon T. Giffin,et al. Automatic Reverse Engineering of Malware Emulators , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[8] Heng Yin,et al. Renovo: a hidden code extractor for packed executables , 2007, WORM '07.