Revealing packed malware
Document Type
Article
Publication Date
9-1-2008
Abstract
Data security researchers face significant challenges in overcoming malware's complexity and in their efforts to reduce the threat to data. Reverse engineering (RE) has emerged as a significant approach to analyzing a program's logic flow and internal data structures, such as system call functions. The use of packers and binary tools that encourage code generation enables malicious content detection. Packers are software programs that compress and encrypt other executable files on disk and restore the original executable images when the packed files are loaded into memory. The latest malware can completely bypass personal firewalls and antivirus (AV) scanners by using executable packers. Experts suggest that security researchers and AV products need to be able to unpack and inspect the payloads hidden within the packed programs using RE tools.
Identifier
54049099646 (Scopus)
Publication Title
IEEE Security and Privacy
External Full Text Location
https://doi.org/10.1109/MSP.2008.126
ISSN
15407993
First Page
65
Last Page
69
Issue
5
Volume
6
Recommended Citation
    Wei, Yan; Zheng, Zhang; and Ansari, Nirwan, "Revealing packed malware" (2008). Faculty Publications. 12708.
    https://digitalcommons.njit.edu/fac_pubs/12708