Title :
A Study of Advanced Hybrid Execution Using Reverse Traversal
Author :
Jang, Seongsoo ; Kim, Ho-Yeon ; Choi, Young-Hyun ; Chung, Tai-Myoung
Author_Institution :
Dept. of Electr. & Comput. Eng., Sungkyunkwan Univ., Suwon, South Korea
Abstract :
As software analysis techniques have been developed, lots of software analysis tools and anti-malware programs now can easily detect various kinds of malware. However, techniques for avoiding software analysis are also being developed. Polymorphic malware and obfuscated malware use those kinds of techniques, and they cause enormous damage to computer systems all over the world. In this paper, therefore, we suggest advanced hybrid execution using reverse traversal to examine advanced malware. The method we suggest reads in the whole program, creates control flow graph, and traces all the execution paths reversely, so that infeasible paths can also be detected. By traversing the whole execution paths, including infeasible paths, we can sense hidden vulnerabilities. Although we anticipate huge overhead when tracing all the execution paths, multi-core processing is expected to alleviate the overhead.
Keywords :
flow graphs; invasive software; multiprocessing systems; program diagnostics; software tools; advanced hybrid execution; anti-malware programs; computer systems; control flow graph; execution paths; infeasible paths; multicore processing; obfuscated malware; polymorphic malware; reverse traversal; software analysis techniques; Computers; Concrete; Conferences; Malware; Software; Software testing; Hybrid Execution; Reverse Traversal; Software Analysis;
Conference_Titel :
Information Management, Innovation Management and Industrial Engineering (ICIII), 2011 International Conference on
Conference_Location :
Shenzhen
Print_ISBN :
978-1-61284-450-3
DOI :
10.1109/ICIII.2011.278
