Static Analysis of Malware to Detect Exception Return

Zhang Yichi; Fu Wen; Pang Jianmin; Bai Lili

doi:10.1109/IFITA.2009.137

I
IFITA
2009
2009 International Forum on Information Technology and Applications
Abstract - Static Analysis of Malware to Detect Exception Return

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Zhang Yichi Articles by Pang Jianmin Articles by Bai Lili Articles by Fu Wen

2009 International Forum on Information Technology and Applications

Static Analysis of Malware to Detect Exception Return

Chengdu, China

May 15-May 17

ISBN: 978-0-7695-3600-2

	ASCII Text	x
	Zhang Yichi, Pang Jianmin, Bai Lili, Fu Wen, "Static Analysis of Malware to Detect Exception Return," Information Technology and Applications, International Forum on, vol. 3, pp. 690-693, 2009 International Forum on Information Technology and Applications, 2009.

	BibTex	x
	@article{ 10.1109/IFITA.2009.137, author = {Zhang Yichi and Pang Jianmin and Bai Lili and Fu Wen}, title = {Static Analysis of Malware to Detect Exception Return}, journal ={Information Technology and Applications, International Forum on}, volume = {3}, year = {2009}, isbn = {978-0-7695-3600-2}, pages = {690-693}, doi = {http://doi.ieeecomputersociety.org/10.1109/IFITA.2009.137}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Technology and Applications, International Forum on TI - Static Analysis of Malware to Detect Exception Return SN - 978-0-7695-3600-2 SP690 EP693 A1 - Zhang Yichi, A1 - Pang Jianmin, A1 - Bai Lili, A1 - Fu Wen, PY - 2009 KW - Malware KW - Disassemble KW - Obfuscation VL - 3 JA - Information Technology and Applications, International Forum on ER -

Zhang Yichi

Pang Jianmin

Bai Lili

Fu Wen

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IFITA.2009.137

Malware is rapidly becoming a major security issue. In order to avoid being analyzed statically, malwares resort to various obfuscation techniques to hide their malicious behaviors. The technique based on the exception return of subroutine is one of the techniques. Currently disassemblers couldn't deal with malware which uses this technique. This paper presents a static disassembly algorithm base on virtual stack for handling malware with exception return. The result of the test proves that the algorithm is effective.

Index Terms:

Malware, Disassemble, Obfuscation

Citation:

Zhang Yichi, Pang Jianmin, Bai Lili, Fu Wen, "Static Analysis of Malware to Detect Exception Return," ifita, vol. 3, pp.690-693, 2009 International Forum on Information Technology and Applications, 2009

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.