Cryptologia
The Art of Computer Virus Research and Defense
The Art of Computer Virus Research and Defense
Using Entropy Analysis to Find Encrypted and Packed Malware
IEEE Security and Privacy
Mimimorphism: a new approach to binary code obfuscation
Proceedings of the 17th ACM conference on Computer and communications security
Measuring pay-per-install: the commoditization of malware distribution
SEC'11 Proceedings of the 20th USENIX conference on Security
Frankenstein: stitching malware from benign binaries
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Hi-index | 0.00 |
Mutants produced by current metamorphic engine are divers, but they still contain shortcomings that reliably distinguish them from normal program. This paper introduces a novel binary obfuscation technique with the potential of evading both statistical and semantic detections. It transforms the binary program into mimicry executables that exhibit high similarity to benign programs in terms of statistical properties and semantic characteristics. Experimental results show that the mimicry executables are indistinguishable from benign programs in byte frequency distribution and entropy, and no false instructions produced.