Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • HotSec '12 Home
  • Organizers
  • Registration Information
  • Registration Discounts
  • Workshop Program
  • Co-located Workshops
  • Hotel and Travel Information
  • Students
  • Help Promote
  • For Participants
  • Call for Papers
  • Past Workshops

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » Impeding Automated Malware Analysis with Environment-sensitive Malware
Tweet

connect with us

https://twitter.com/#!/usenix
https://www.facebook.com/events/311239542267623/

Impeding Automated Malware Analysis with Environment-sensitive Malware

Authors: 

Chengyu Song, Paul Royal, and Wenke Lee, Georgia Institute of Technology

Abstract: 

To solve the scalability problem introduced by the exponential growth of malware, numerous automated malware analysis techniques have been developed. Unfortunately, all of these approaches make previously unaddressed assumptions that manifest as weaknesses to the tenability of the automated malware analysis process. To highlight this concern, we developed two obfuscation techniques that make the successful execution of a malware sample dependent on the unique properties of the original host it infects. To reinforce the potential for malware authors to leverage this type of analysis resistance, we discuss the Flashback botnet’s use of a similar technique to prevent the automated analysis of its samples.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {179470,
title = {Impeding Automated Malware Analysis with Environment-sensitive Malware},
booktitle = {7th USENIX Workshop on Hot Topics in Security (HotSec 12)},
year = {2012},
address = {Bellevue, WA},
url = {https://www.usenix.org/conference/hotsec12/workshop-program/presentation/Song},
publisher = {USENIX Association},
month = aug,
}
Download
Song PDF
PC Comments on Song Paper
View the slides

Presentation Video

Presentation Audio

MP3 Download OGG Download

Download Audio

  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us