Detail publikace

Generic detection of register realignment

ĎURFINA, L. KOLÁŘ, D.

Originální název

Generic detection of register realignment

Typ

článek ve sborníku mimo WoS a Scopus

Jazyk

angličtina

Originální abstrakt

The register realignment is a method of binary obfuscation and it is used by malware writers. The paper introduces the method how register realignment can be recognized by analysis based on the scattered context grammars. Such an analysis includes exploration of bytes affected by realignment, finding new valid values for them, building the scattered context grammar and parse an obfuscated code by this grammar. The created grammar has LL property - an ability for parsing by this type of grammar.

Klíčová slova

Formal languages, scattered context grammars, register realignment

Autoři

ĎURFINA, L.; KOLÁŘ, D.

Rok RIV

2011

Vydáno

21. 9. 2011

Nakladatel

American Institute of Physics

Místo

Kassandra, Halkidiki

ISBN

978-0-7354-0956-9

Kniha

AIP Conference Proceedings

ISSN

1551-7616

Periodikum

AIP Conference Proceedings

Ročník

1389

Číslo

1

Stát

Spojené státy americké

Strany od

806

Strany do

809

Strany počet

4

URL

http://link.aip.org/link/apcpcs/v1389/i1/p806/pdf

BibTex

@inproceedings{BUT76294,
  author="Lukáš {Ďurfina} and Dušan {Kolář}",
  title="Generic detection of register realignment",
  booktitle="AIP Conference Proceedings",
  year="2011",
  journal="AIP Conference Proceedings",
  volume="1389",
  number="1",
  pages="806--809",
  publisher="American Institute of Physics",
  address="Kassandra, Halkidiki",
  isbn="978-0-7354-0956-9",
  issn="1551-7616",
  url="http://link.aip.org/link/apcpcs/v1389/i1/p806/pdf"
}