International Association of Engineering and Management Education (IAEME)
Malware is one of the major threats faced by distributed computing systems. Malware authors use cryptographic algorithms to protect their malware from being analyzed. The use of cryptographic algorithms and transient secrets inside the malware binary presents a key obstacle to effective malware analysis and defense. CipherXRay is a novel binary analysis framework that can automatically identify and recover the cryptographic operations and transient secrets from the execution of potentially obfuscated binary executables. CipherXRay is based on the avalanche effect of cryptographic functions, which enables it to accurately pinpoint the boundary of a cryptographic operation and recover truly transient cryptographic secrets that exist in memory for only one instant between multiple nested cryptographic operations.
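The avalanche effect the abstract relies on can be measured directly. The following is an added illustration, not CipherXRay's implementation and not code from the paper: it flips each input bit of two Python functions treated as black boxes and compares how far the change spreads in the output. The function names, the sample input, the XOR key and the thresholds are all assumptions made for this sketch.

```python
import hashlib

SAMPLE = bytes(range(32))          # constructed 32-byte input
XOR_KEY = b"\x5a\xa5\x3c\xc3"      # constructed repeating key

def sha256_digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def xor_encode(data: bytes) -> bytes:
    # Byte-wise obfuscation: each output byte depends on exactly one input byte.
    return bytes(b ^ XOR_KEY[i % len(XOR_KEY)] for i, b in enumerate(data))

def avalanche_profile(func, data: bytes):
    """Flip every input bit once; return (mean fraction of output bits
    changed, minimum fraction of output bytes changed)."""
    base = func(data)
    bit_fracs, byte_fracs = [], []
    for bit in range(len(data) * 8):
        mutated = bytearray(data)
        mutated[bit // 8] ^= 1 << (bit % 8)
        diff = [x ^ y for x, y in zip(base, func(bytes(mutated)))]
        bit_fracs.append(sum(bin(d).count("1") for d in diff) / (len(base) * 8))
        byte_fracs.append(sum(1 for d in diff if d) / len(base))
    return sum(bit_fracs) / len(bit_fracs), min(byte_fracs)

def shows_avalanche(func, data: bytes, bit_band=(0.4, 0.6), min_bytes=0.8):
    # Thresholds are illustrative assumptions, not values from the paper.
    mean_bits, min_byte_cov = avalanche_profile(func, data)
    return bit_band[0] <= mean_bits <= bit_band[1] and min_byte_cov >= min_bytes

if __name__ == "__main__":
    for name, f in (("sha256", sha256_digest), ("xor", xor_encode)):
        mean_bits, min_cov = avalanche_profile(f, SAMPLE)
        print(f"{name:7s} mean_bits={mean_bits:.3f} min_byte_cov={min_cov:.3f} "
              f"avalanche={shows_avalanche(f, SAMPLE)}")
```

SHA-256 spreads every single-bit input change across roughly half of the output bits and nearly all output bytes, while the XOR encoding confines each change to one output bit.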