Protecting software through obfuscation: Can it keep pace with progress in code analysis?
Software obfuscation has always been a controversially discussed research area. While
theoretical results indicate that provably secure obfuscation in general is impossible, its …
theoretical results indicate that provably secure obfuscation in general is impossible, its …
A survey of binary code fingerprinting approaches: taxonomy, methodologies, and features
Binary code fingerprinting is crucial in many security applications. Examples include
malware detection, software infringement, vulnerability analysis, and digital forensics. It is …
malware detection, software infringement, vulnerability analysis, and digital forensics. It is …
Symlm: Predicting function names in stripped binaries via context-sensitive execution-aware code embeddings
Predicting function names in stripped binaries is an extremely useful but challenging task, as
it requires summarizing the execution behavior and semantics of the function in human …
it requires summarizing the execution behavior and semantics of the function in human …
Jump-oriented programming: a new class of code-reuse attack
Return-oriented programming is an effective code-reuse attack in which short code
sequences ending in a ret instruction are found within existing binaries and executed in …
sequences ending in a ret instruction are found within existing binaries and executed in …
{BYTEWEIGHT}: Learning to recognize functions in binary code
Function identification is a fundamental challenge in reverse engineering and binary
program analysis. For instance, binary rewriting and control flow integrity rely on accurate …
program analysis. For instance, binary rewriting and control flow integrity rely on accurate …
Bingo: Cross-architecture cross-os binary search
Binary code search has received much attention recently due to its impactful applications,
eg, plagiarism detection, malware detection and software vulnerability auditing. However …
eg, plagiarism detection, malware detection and software vulnerability auditing. However …
Flexible and fine-grained mandatory access control on android for diverse security and privacy policies
In this paper we tackle the challenge of providing a generic security architecture for the
Android OS that can serve as a flexible and effective ecosystem to instantiate different …
Android OS that can serve as a flexible and effective ecosystem to instantiate different …
Measuring {Pay-per-Install}: The commoditization of malware distribution
Recent years have seen extensive diversification of the “underground economy” associated
with malware and the subversion of Internet-connected systems. This trend towards …
with malware and the subversion of Internet-connected systems. This trend towards …
Blanket execution: Dynamic similarity testing for program binaries and components
Matching function binaries—the process of identifying similar functions among binary
executables—is a challenge that underlies many security applications such as malware …
executables—is a challenge that underlies many security applications such as malware …
Virtuoso: Narrowing the semantic gap in virtual machine introspection
Introspection has featured prominently in many recent security solutions, such as virtual
machine-based intrusion detection, forensic memory analysis, and low-artifact malware …
machine-based intrusion detection, forensic memory analysis, and low-artifact malware …