
MIME: A Formal Approach to (Android) Emulation Malware Analysis

Mastroeni, Isabella
2016-01-01

Abstract

In this paper, we propose a new dynamic and configurable approach to anti-emulation malware analysis, aiming at improving transparency of existing analysis techniques. We test the effectiveness of existing widespread free analyzers and we observe that the main problem of these analyses is that they provide static and immutable values to the parameters used in anti-emulation tests. Our approach aims at overcoming these limitations by providing an abstract non-interference-based approach modeling the fact that parameters can be modified dynamically, and the corresponding executions compared.
2016
978-3-319-30302-4
Anti-emulation malware, Abstract non-interference, Program analysis
Files in this item:
File: short-camera.pdf
Access: open access
Type: Pre-print document
License: Creative Commons
Size: 768.95 kB
Format: Adobe PDF


Use this identifier to cite or link to this document: https://hdl.handle.net/11562/990901