A Generic Approach to Automatic Deobfuscation of Executable Code
Offered By: IEEE via YouTube
Course Description
Overview
Explore a generic approach to automatic deobfuscation of executable code in this 20-minute IEEE conference talk. Delve into techniques for penetrating and removing obfuscations in malicious software to understand internal logic and develop countermeasures. Learn about semantics-preserving program transformations that simplify obfuscation code without making assumptions about specific obfuscation methods. Discover how this approach has been applied to various obfuscation types, including emulation-based obfuscation with runtime code unpacking and return-oriented programming. Examine the effectiveness of this method in extracting internal logic from code obfuscated using tools like Themida, which previous approaches struggled to handle. Cover topics such as change analysis, control dependencies, simplifying transformations, emulation, and CFG comparison through a comprehensive syllabus.
Syllabus
Introduction
What is obfuscation
Motivation
Goal
Related Works
System Overview
Change Analysis
ControlDependencies
Implicit control dependencies
Simplifying transformations
Semantic preserving transformations
Simplified trace
Emulation
Examples
CFG Comparison
Conclusion
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld SystemsVanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight