Towards an Understanding of Anti-Virtualization and Anti-Debugging Behavior in Modern Malware

Many threats that plague today's networks (e.g., phishing, botnets, denial of service attacks) are enabled by a complex ecosystem of attack programs commonly called malware. To combat these threats, defenders of these networks have turned to the collection, analysis, and reverse engineering of malware as mechanisms to understand these programs, generate signatures, and facilitate cleanup of infected hosts. Recently however, new malware instances have emerged with the capability to check and often thwart these defensive activities - essentially leaving defenders blind to their activities.