Bochs: A Portable PC Emulator for Unix/X
Linux Journal
Very Long Instruction Word architectures and the ELI-512
ISCA '83 Proceedings of the 10th annual international symposium on Computer architecture
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Static Analyzer of Vicious Executables (SAVE)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Dynamic binary translation using run-time feedbacks
Science of Computer Programming - Software analysis, evolution and re-engineering
QEMU, a fast and portable dynamic translator
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
An efficient algorithm for exploiting multiple arithmetic units
IBM Journal of Research and Development
| Hi-index | 0.00 |
The binary translator is a software component of a computer system. It converts binary code of one ISA into binary code of another ISA. Recent trends show that binary translators have been used to save CPU power consumption and CPU die size, which makes binary translators a possible indispensable component of future computer systems. And such situation would give new opportunities to the security of these computer systems. One of the opportunities is that we can perform malicious code checking dynamically in the layer of binary translators. This approach has many advantages, both in terms of capability of detection and checking overhead. In this paper, we proposed a working dynamic malicious code checking module integrated to an existent open-source binary translator, QEMU, and explained that our module's capability of detection is superior to other malicious code checking methods while acceptable performance is still maintained.