A Generic Approach to Automatic Deobfuscation of Executable Code
Offered By: IEEE via YouTube
Course Description
Overview
Explore a generic approach to automatic deobfuscation of executable code in this 20-minute IEEE conference talk. Delve into techniques for penetrating and removing obfuscations in malicious software to understand internal logic and develop countermeasures. Learn about semantics-preserving program transformations that simplify obfuscation code without making assumptions about specific obfuscation methods. Discover how this approach has been applied to various obfuscation types, including emulation-based obfuscation with runtime code unpacking and return-oriented programming. Examine the effectiveness of this method in extracting internal logic from code obfuscated using tools like Themida, which previous approaches struggled to handle. Cover topics such as change analysis, control dependencies, simplifying transformations, emulation, and CFG comparison through a comprehensive syllabus.
Syllabus
Introduction
What is obfuscation
Motivation
Goal
Related Works
System Overview
Change Analysis
ControlDependencies
Implicit control dependencies
Simplifying transformations
Semantic preserving transformations
Simplified trace
Emulation
Examples
CFG Comparison
Conclusion
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every StoryUniversity of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy