Using Implicit Calls to Improve Malware Dynamic ExecutionReport as inadecuate

Using Implicit Calls to Improve Malware Dynamic Execution - Download this document for free, or read online. Document in PDF available to download.

1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE 2 LIFO - Laboratoire d-Informatique Fondamentale d-Orléans

Abstract : The number of Android malware has been increasing for the last 5 years. These malware use more often evasion techniques to hide their malicious intent and avoid analysis tools. In this work, we focus on triggering the most suspicious parts of code in malicious applications in order to monitor their behaviors using dynamic analysis tools for a better understanding of their activities. To do this, a global control flow graph CFG is used to exhibit an execution path to reach specific parts of code. Here we explain why using only explicit interprocedural calls may lead to a partial build of the CFG. In this poster, we explain that concept and propose a solution that improves malicious code reachability by means of integrating implicit calls.

Author: Mourad Leslous - Jean-François Lalande - Valérie Viet Triem Tong -



Related documents