Using memory management to detect and extract illegitimate code for malware analysis


Exploits that successfully attack computers are typically based on some form of shellcode, i.e., illegitimate code that is injected by the attacker to take control of the system. Detecting and gathering such code is the first step to its detailed analysis. The amount and sophistication of modern malware calls for automated mechanisms that perform such… (More)
DOI: 10.1145/2420950.2420979

10 Figures and Tables


  • Presentations referencing similar topics