Obfuscation procedure based on the insertion of the dead code in the crypter by binary search

Cristian Barría Huidobro, David Cordero, Claudio Cubillos, Héctor Allende Cid, Claudio Casado Bárragan

Research output: Conference contribution

Abstract

Malware is what threatens cyberspace; in order to infect technological devices, it has to be capable of bypassing the antivirus engine. To avoid antivirus detection, the malicious code needs to be updated and to have undergone an obfuscation process. However, the problem with updating is ensuring that the malware maintains its functionality based on its specific characteristics, and that this is checked by specialized computing resources. For this reason, this paper proposes a procedure for applying the AVFUCKER, DSPLIT, and Binary Division techniques with the aim of optimizing the necessary technological resources and reducing the time needed to analyze the malware's functionality and its evasion of the antivirus.

Original language: English
Title of host publication: 2018 7th International Conference on Computers Communications and Control, ICCCC 2018 - Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 183-192
Number of pages: 10
ISBN (electronic): 9781538619346
DOI: https://doi.org/10.1109/ICCCC.2018.8390457
Status: Published - 19 Jun 2018
Published externally
Event: 7th International Conference on Computers Communications and Control, ICCCC 2018 - Oradea, Romania
Duration: 8 May 2018 to 12 May 2018

Conference

Conference: 7th International Conference on Computers Communications and Control, ICCCC 2018
Country: Romania
City: Oradea
Period: 8/05/18 to 12/05/18

Fingerprint

Obfuscation
Binary search
Malware
Insertion
Resources
Updating
Division
Binary
Necessary

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
  • Energy Engineering and Power Technology
  • Control and Optimization

Cite this

Huidobro, C. B., Cordero, D., Cubillos, C., Cid, H. A., & Bárragan, C. C. (2018). Obfuscation procedure based on the insertion of the dead code in the crypter by binary search. In 2018 7th International Conference on Computers Communications and Control, ICCCC 2018 - Proceedings (pp. 183-192). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ICCCC.2018.8390457
@inproceedings{ce879c3d05cd44e788f11b599e9b3419,
title = "Obfuscation procedure based on the insertion of the dead code in the crypter by binary search",
keywords = "antivirus, AvFucker, cyberspace, Dsplit, evasion, Malware, obfuscation techniques",
author = "Huidobro, {Cristian Barr{\'i}a} and David Cordero and Claudio Cubillos and Cid, {H{\'e}ctor Allende} and B{\'a}rragan, {Claudio Casado}",
year = "2018",
month = "6",
day = "19",
doi = "10.1109/ICCCC.2018.8390457",
language = "English",
pages = "183--192",
booktitle = "2018 7th International Conference on Computers Communications and Control, ICCCC 2018 - Proceedings",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",

}
