Malware targeting enterprises has become highly sophisticated and can lurk in a victim's machine for a long period of time. It often has complex logic to protect itself from being analyzed, and it conducts the attack in multiple steps, each one guarded by a restrictive condition. During this time, no sign of malicious activity is apparent until the intended target becomes reachable or a preset time frame is reached. According to Frost and Sullivan (2013), the United States experienced 55.7 percent of all malware incidents.
Researchers at Purdue University have developed a binary analysis engine, X-Force, which can detect malware attacks and reveal the malware's intent, behavior, and strategy. This technology monitors the execution of a binary through dynamic binary instrumentation, forcing the binary to ignore arbitrary conditional checks and supplying random values when inputs are needed. Because X-Force simply executes the binary without solving constraints, it allows users to rapidly explore the behaviors of any unknown binary. X-Force can also recover the execution from exceptions. Using this technique, users can easily handle a broader spectrum of binaries, such as large, packed, or obfuscated ones.
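The forced-execution idea described above, as an added Python sketch that is not X-Force code: a toy interpreter overrides branch outcomes, feeds random inputs, and skips a faulting instruction so that guarded behaviours become visible to an analyst. The instruction format, the loop-free sample program, the call labels and the skip-on-fault recovery are all assumptions made for illustration.

```python
import random

# Constructed toy program (not real malware, labels are hypothetical): each
# behaviour is guarded by a check that an ordinary sandbox run will not satisfy.
PROGRAM = [
    ("input", "date"),                   # 0: read an environment value
    ("br_unless", "date", 20991231, 4),  # 1: time check, else jump to 4
    ("call", "connect_c2"),              # 2: guarded behaviour
    ("div", "date", 0),                  # 3: faults (division by zero)
    ("input", "host"),                   # 4
    ("br_unless", "host", 1337, 7),      # 5: target check, else jump to 7
    ("call", "exfiltrate"),              # 6: guarded behaviour
    ("call", "exit"),                    # 7
]

def run_forced(program, forced, rng=None):
    """Run once; branch i follows forced[i] if given, else the real condition."""
    rng = rng or random.Random(0)
    env, calls, taken, faults, pc = {}, [], [], 0, 0
    while pc < len(program):
        op, *args = program[pc]
        try:
            if op == "input":
                env[args[0]] = rng.randrange(1000)   # supply a random value
            elif op == "div":
                env[args[0]] //= args[1]
            elif op == "call":
                calls.append(args[0])                # record observed behaviour
            elif op == "br_unless":
                real = env[args[0]] == args[1]
                fall = forced[len(taken)] if len(taken) < len(forced) else real
                taken.append(fall)
                if not fall:
                    pc = args[2]
                    continue
        except ZeroDivisionError:
            faults += 1                              # recover: skip the instruction
        pc += 1
    return calls, taken, faults

def explore(program, seed=0):
    """Flip each branch seen past the forced prefix; return calls and paths."""
    rng, work, paths, behaviours = random.Random(seed), [[]], [], set()
    while work:
        forced = work.pop()
        calls, taken, _ = run_forced(program, forced, rng)
        paths.append(tuple(taken))
        behaviours.update(calls)
        work += [taken[:i] + [not taken[i]] for i in range(len(forced), len(taken))]
    return behaviours, paths
```

An unforced run of the sample reports only `exit`, while `explore(PROGRAM)` also surfaces the two guarded calls without solving either condition.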
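Due to confidentiality restrictions, the technical information cannot be shown in full. Please contact us by email or text message to obtain further technical material.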