Revealing packed malware

Yan Wei, Zhang Zheng, Nirwan Ansari

Research output: Contribution to journalArticlepeer-review

90 Scopus citations

Abstract

Data security researchers are facing significant challenges in overcoming malware's complexity and making efforts to reduce threat to data. Reverse engineering (RE) has emerged as a significant approach, to analyze a program's logic flow an internal data structures, such as system call functions. The use of packers and binary tools that encourage code generation enable malicious content detection. Packers are software programs that compress and encrypt other executable files in a disk and restore the original executable images , when the packed files are loaded into memories. The latest malware can completely bypass personal firewalls and antivirus (AV) scanners, by using executable packers. Experts suggest that security researchers and AV products need to be able to unpack and inspect the payloads hidden within the packed programs using RE tools.

Original languageEnglish (US)
Article number4639028
Pages (from-to)65-69
Number of pages5
JournalIEEE Security and Privacy
Volume6
Issue number5
DOIs
StatePublished - Sep 2008

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Fingerprint

Dive into the research topics of 'Revealing packed malware'. Together they form a unique fingerprint.

Cite this