Download now Free registration required
Modern malware attempts to systematically thwart the hoped-for entropy reduction of the defense. The implementation characteristics of this design philosophy include generation of functionally equivalent phenotypes, sophisticated EPO (entry point obscuring), code integration, substitution, decoy and permutation techniques, within a time-dependent, multi-stage structure increasingly resistant to white-box analysis. Given constant static analysis time, an analyst must deal with increasing uncertainty about the location, control flow handoff and activation triggers, and even existence of malicious functionality.
- Format: PDF
- Size: 318 KB