2015-ZHAN-66948
Malware targeting enterprises has become highly sophisticated, lurking in a victim's machine for a long period of time. Malware often has complex logic to protect itself from being analyzed, and it conducts the attack in multiple steps, with each one guarded by a restricted condition. During this time, no sign of malicious activity is apparent until the intended target becomes reachable or a preset time frame is reached. According to Frost and Sullivan (2013), the United States experienced 55.7 percent of all malware incidents.

Researchers at Purdue University have developed a binary analysis engine, X-Force, which can detect malware attacks and reveal the malware's intent, behavior, and strategy. This technology monitors the execution of a binary through dynamic binary instrumentation, forcing the binary to ignore arbitrary conditional checks and supplying random values when inputs are needed. X-Force allows users to rapidly explore the behaviors of any unknown binary because it simply executes the binary without solving constraints. Furthermore, X-Force can also recover the execution from exceptions. With this technique, users can easily handle a broader spectrum of binaries, such as large, packed, or obfuscated binaries.

Advantages:
- More practical and extensible solution to malware attacks
- Suitable for analyzing packed, obfuscated, and self-modifying binaries

Potential Applications:
- Cybersecurity
- Computational malware
Jun 3, 2016
Copyright
United States
TXu 2-019-509
Jun 3, 2016
Mar 12, 2015
Provisional-Patent
United States
(None)
(None)
Purdue Office of Technology Commercialization
1801 Newman Road
West Lafayette, IN 47906
Phone: (765) 588-3475
Fax: (765) 463-3486
Email: otcip@prf.org