All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Generic detection of register realignment

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F11%3APU95992" target="_blank" >RIV/00216305:26230/11:PU95992 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Generic detection of register realignment

  • Original language description

    The register realignment is a method of binary obfuscation and it is used by malware writers. The paper introduces the method how register realignment can be recognized by analysis based on the scattered context grammars. Such an analysis includes exploration of bytes affected by realignment, finding new valid values for them, building the scattered context grammar and parse an obfuscated code by this grammar. The created grammar has LL property - an ability for parsing by this type of grammar.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    <a href="/en/project/TA01010667" target="_blank" >TA01010667: System for Support of Platform Independent Malware Analysis in Executable Files.</a><br>

  • Continuities

    Z - Vyzkumny zamer (s odkazem do CEZ)

Others

  • Publication year

    2011

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    AIP Conference Proceedings

  • ISBN

    978-0-7354-0954-5

  • ISSN

  • e-ISSN

  • Number of pages

    4

  • Pages from-to

    806-809

  • Publisher name

    American Institute of Physics

  • Place of publication

    Kassandra, Halkidiki

  • Event location

    Halkidiki, Greece

  • Event date

    Sep 19, 2011

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Advanced Static Analysis for Decompilation Using Scattered Context GrammarsType Checking by Context-Sensitive LanguagesParsing of Context-Sensitive Languages