Mal-Flux: Rendering hidden code of packed binary executable. (March 2019)

Record Type:: Journal Article
Title:: Mal-Flux: Rendering hidden code of packed binary executable. (March 2019)
Main Title:: Mal-Flux: Rendering hidden code of packed binary executable
Authors:: Lim, Charles
Suryadi,
Ramli, Kalamullah
Kotualubun, Yohanes Syailendra
Abstract:: Abstract: A binary packer has commonly been used to protect the original code inside the binary executables from being detected as malicious code by anti-malware software. Various methods of unpacking packed binary executables have been extensively studied, and several unpacking approaches have been proposed. Some of these solutions depend on various assumptions, which may limit their effectiveness. Here, a new method of memory analysis technique, called Mal-Flux, is proposed to determine the end of unpacking routine to allow hidden code extraction from the packed binary executables. Our experiments show that our method provides better performance than previous works in extracting the hidden-code from the packed binary executables.
Is Part Of:: Digital investigation. Volume 28(2019)
Journal:: Digital investigation
Issue:: Volume 28(2019)
Issue Display:: Volume 28, Issue 2019 (2019)
Year:: 2019
Volume:: 28
Issue:: 2019
Issue Sort Value:: 2019-0028-2019-0000
Page Start:: 83
Page End:: 95
Publication Date:: 2019-03
Subjects:: Binary packer -- Memory analysis -- Malware -- Malicious code
Forensic sciences -- Data processing -- Periodicals
Criminal investigation -- Data processing -- Periodicals
363.250285
Journal URLs:: http://www.sciencedirect.com/science/journal/17422876 ↗
http://www.elsevier.com/journals ↗
DOI:: 10.1016/j.diin.2019.01.004 ↗
Languages:: English
ISSNs:: 1742-2876
Deposit Type:: Legaldeposit
View Content:: Available online (eLD content is only available in our Reading Rooms) ↗
Physical Locations:: British Library DSC - 3588.396620
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
Ingest File:: 10009.xml