A Slicing-Based Approach to Anti-Anti-Emulation in Malware Analysis

Provided by: Science and Development Network (SciDev.Net)
Topic: Security
Format: PDF
An anti-emulation check is a nearly essential component of modern malware: it evades dynamic analysis by hiding malicious behavior, so that the malware stays alive for a long time. In this paper, the authors propose a slicing-based approach to deal with such a scenario. Unlike the trace-matching solutions presented in the references, their approach is performed on one instruction trace, without a reference platform. They evaluate their approach with 189 malware samples collected in the wild. The experiment shows that their proposed approach can spot efAPI used for anti-emulation checks in an efficient way.