A Study of Advanced Hybrid Execution Using Reverse Traversal

Author

Jang, Seongsoo ; Kim, Ho-Yeon ; Choi, Young-Hyun ; Chung, Tai-Myoung

Author_Institution

Dept. of Electr. & Comput. Eng., Sungkyunkwan Univ., Suwon, South Korea

Volume

2

fYear

2011

fDate

26-27 Nov. 2011

Firstpage

557

Lastpage

559

Abstract

As software analysis techniques have been developed, lots of software analysis tools and anti-malware programs now can easily detect various kinds of malware. However, techniques for avoiding software analysis are also being developed. Polymorphic malware and obfuscated malware use those kinds of techniques, and they cause enormous damage to computer systems all over the world. In this paper, therefore, we suggest advanced hybrid execution using reverse traversal to examine advanced malware. The method we suggest reads in the whole program, creates control flow graph, and traces all the execution paths reversely, so that infeasible paths can also be detected. By traversing the whole execution paths, including infeasible paths, we can sense hidden vulnerabilities. Although we anticipate huge overhead when tracing all the execution paths, multi-core processing is expected to alleviate the overhead.

Keywords

flow graphs; invasive software; multiprocessing systems; program diagnostics; software tools; advanced hybrid execution; anti-malware programs; computer systems; control flow graph; execution paths; infeasible paths; multicore processing; obfuscated malware; polymorphic malware; reverse traversal; software analysis techniques; Computers; Concrete; Conferences; Malware; Software; Software testing; Hybrid Execution; Reverse Traversal; Software Analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Management, Innovation Management and Industrial Engineering (ICIII), 2011 International Conference on

Conference_Location

Shenzhen

Print_ISBN

978-1-61284-450-3

Type

conf

DOI

10.1109/ICIII.2011.278

Filename

6116767