Mixed-Mode Malware and Its Analysis

Abstract

Mixed-mode malware contains user-mode and kernel-mode components that are interdependent. Such malware exhibits its main malicious payload only after it succeeds at corrupting the OS kernel. Such malware may further actively attack or subvert malware analysis components. Current malware analysis techniques are not effective against mixed-mode malware. To… (More)
DOI: 10.1145/2689702.2689703

Topics

12 Figures and Tables

Slides referencing similar topics