Catalogo dei prodotti della ricerca

Dynamic binary instrumentation (DBI) systems are a popular solution for prototyping heterogeneous program analyses and monitoring tools. Several works from academic and practitioner venues have questioned the transparency of DBI systems, with anti-analysis detection sequences being found already in malware and executable protectors. The present Field Note details new and established detection methods and evaluates recent versions of popular DBI systems against them. It also sets out reflections on potential remediations and alternatives available to security researchers for their daily needs. We make available a large collection of implemented detections, hoping it can help the community build better DBI runtimes and tools.

Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts / D’Elia, Daniele Cono; Invidia, Lorenzo; Palmaro, Federico; Querzoni, Leonardo. - In: DIGITAL THREATS. - ISSN 2692-1626. - 3:2(2022), pp. 1-13. [10.1145/3478520]

Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts

D’Elia, Daniele Cono
Primo
;Invidia, Lorenzo;Querzoni, Leonardo
2022

Abstract

Dynamic binary instrumentation (DBI) systems are a popular solution for prototyping heterogeneous program analyses and monitoring tools. Several works from academic and practitioner venues have questioned the transparency of DBI systems, with anti-analysis detection sequences being found already in malware and executable protectors. The present Field Note details new and established detection methods and evaluates recent versions of popular DBI systems against them. It also sets out reflections on potential remediations and alternatives available to security researchers for their daily needs. We make available a large collection of implemented detections, hoping it can help the community build better DBI runtimes and tools.
2022
Anti-analysis; binary analysis; dynamic binary instrumentation; evasion; malware; packers
01 Pubblicazione su rivista::01a Articolo in rivista
Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts / D’Elia, Daniele Cono; Invidia, Lorenzo; Palmaro, Federico; Querzoni, Leonardo. - In: DIGITAL THREATS. - ISSN 2692-1626. - 3:2(2022), pp. 1-13. [10.1145/3478520]
01a Articolo in rivista
File allegati a questo prodotto
File Dimensione Formato  
DElia_Evaluating_2022.pdf

accesso aperto

Note: https://doi.org/10.1145/3478520
Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Creative commons
Dimensione 224.67 kB
Formato Adobe PDF
224.67 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1621135
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? ND
social impact