Ninja: Towards Transparent Tracing and Debugging on ARM


Existing malware analysis platforms leave detectable fingerprints like uncommon string properties in QEMU, signatures in Android Java virtual machine, and artifacts in Linux kernel profiles. Since these fingerprints provide the malware a chance to split its behavior depending on whether the analysis system is present or not, existing analysis systems are… (More)
View Slides


11 Figures and Tables

Slides referencing similar topics