Ninja: Towards Transparent Tracing and Debugging on ARM

Abstract

Existing malware analysis platforms leave detectable fingerprints like uncommon string properties in QEMU, signatures in Android Java virtual machine, and artifacts in Linux kernel profiles. Since these fingerprints provide the malware a chance to split its behavior depending on whether the analysis system is present or not, existing analysis systems are… (More)
View Slides

Topics

11 Figures and Tables

Slides referencing similar topics