Static Analysis of Binary Code to Isolate Malicious Behaviors
WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Detection of injected, dynamically generated, and obfuscated malicious code
Proceedings of the 2003 ACM workshop on Rapid malcode
Invited Talk Static and dynamic analysis: synergy and duality
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Abstracting Stack to Detect Obfuscated Calls in Binaries
SCAM '04 Proceedings of the Source Code Analysis and Manipulation, Fourth IEEE International Workshop
Malware: Fighting Malicious Code
Malware: Fighting Malicious Code
CodeSurfer/x86—A platform for analyzing x86 executables
CC'05 Proceedings of the 14th international conference on Compiler Construction
Analyzing memory accesses in obfuscated x86 executables
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
WYSINWYX: What you see is not what you eXecute
ACM Transactions on Programming Languages and Systems (TOPLAS)
| Hi-index | 0.00 |
AWE is a prototype system for performing analysis of x86 executables in the absence of source code or debugging information. It provides a modular infrastructure for integrating static and dynamic analyses into a single workflow. One of the major challenges with performing analysis of modern software is the amount of data that must be analyzed by a human to determine software behavior. This challenge is further compounded by the number of different tools and extensive expertise required to perform such analyses. The AWE system addresses this challenge in two ways: first by focusing analyst's attention on a prioritized subset of software features of importance, and second by simplifying analysis through an integrated static and dynamic analysis workflo.