Deobfuscating tools for the validation and verification of tamper-proofed software
Agency / Branch:
DOD / OSD
We propose a deobfuscation tool that uses machine-code analysis to expose self-protecting malware for further analysis (e.g., by an automated malware detector, or a human analyst) using dynamic disassembly techniques. The proposed deobfuscator will also be capable of checking that the (self-protecting) program output from a tamper-proofing tool is indeed protected, and has the same behavior as the input program. Our approach combines the strengths of static analysis and dynamic analysis. This allows us to have the precision of dynamic analysis, but with much better coverage, thus recovering some of the completeness of static analysis.
Small Business Information at Submission:
Research Institution Information:
317 N. Aurora Street Ithaca, NY 14850
Number of Employees:
UNIV. OF WISCONSIN, COMP. SCI.
1210 West Dayton Street
Madison, WI 53706
Nonprofit college or university