{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T02:12:23Z","timestamp":1742955143258,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319457185"},{"type":"electronic","value":"9783319457192"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45719-2_10","type":"book-chapter","created":{"date-parts":[[2016,9,5]],"date-time":"2016-09-05T22:11:24Z","timestamp":1473113484000},"page":"211-229","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A Formal Framework for Environmentally Sensitive Malware"],"prefix":"10.1007","author":[{"given":"Jeremy","family":"Blackthorne","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Kaiser","sequence":"additional","affiliation":[]},{"given":"B\u00fclent","family":"Yener","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,7]]},"reference":[{"key":"10_CR1","unstructured":"Apon, D., Huang, Y., Katz, J., Malozemoff, A.J.: Implementing cryptographic program obfuscation (2014)"},{"key":"10_CR2","unstructured":"Arora, S., Barak, B.: Randomized computation. In: Computational Complexity: A Modern Approach, pp. 121\u2013122. Cambridge University Press, New York (2012). Chap. 7, Sect. 7.5.3"},{"key":"10_CR3","unstructured":"Barak, B., Garg, S., Kalai, Y.T., Paneth, O., Sahai, A.: Protecting obfuscation against algebraic attacks. Cryptology ePrint Archive, Report 2013\/631 (2013). \n                      http:\/\/eprint.iacr.org\/2013\/631.pdf\n                      \n                    . Accessed 6 Apr 2015"},{"key":"10_CR4","unstructured":"Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. Cryptology ePrint Archive, Report 2001\/069 (2001). \n                      http:\/\/eprint.iacr.org\/"},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-44647-8_1","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"B Barak","year":"2001","unstructured":"Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 1. Springer, Heidelberg (2001)"},{"key":"10_CR6","unstructured":"Basile, C., et al.: Towards a formal model for software tamper resistance. COSIC, University of Leuven, Flanders, Belgium (2009). \n                      https:\/\/www.cosic.esat.kuleuven.be\/publications\/article-1280.pdf\n                      \n                    . Accessed 6 Apr 2015"},{"issue":"1","key":"10_CR7","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s11416-006-0029-6","volume":"3","author":"P Beaucamps","year":"2007","unstructured":"Beaucamps, P., Filiol, E.: On the possibility of practically obfuscating programs towards a unified perspective of code protection. J. Comput. Virol. 3(1), 3\u201321 (2007)","journal-title":"J. Comput. Virol."},{"key":"10_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"488","DOI":"10.1007\/978-3-319-19962-7_28","volume-title":"Information Security and Privacy","author":"DJ Bernstein","year":"2015","unstructured":"Bernstein, D.J., H\u00fclsing, A., Lange, T., Niederhagen, R.: Bad directions in cryptographic hash functions. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 488\u2013508. Springer, Heidelberg (2015)"},{"key":"10_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"520","DOI":"10.1007\/978-3-642-14623-7_28","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"N Bitansky","year":"2010","unstructured":"Bitansky, N., Canetti, R.: On strong simulation and composable point obfuscation. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 520\u2013537. Springer, Heidelberg (2010)"},{"key":"10_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/978-3-662-44381-1_7","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"N Bitansky","year":"2014","unstructured":"Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O.: On virtual grey box obfuscation for general circuits. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part II. LNCS, vol. 8617, pp. 108\u2013125. Springer, Heidelberg (2014)"},{"issue":"3","key":"10_CR11","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s11416-008-0084-2","volume":"4","author":"JM Borello","year":"2008","unstructured":"Borello, J.M., M\u00e9, L.: Code obfuscation techniques for metamorphic viruses. J. Comput. Virol. 4(3), 211\u2013220 (2008)","journal-title":"J. Comput. Virol."},{"key":"10_CR12","unstructured":"Brakerski, Z., Rothblum, G.N.: Virtual black-box obfuscation for all circuits via generic graded encoding. Cryptology ePrint Archive, Report 2013\/563 (2013). \n                      http:\/\/eprint.iacr.org\/2013-563.pdf\n                      \n                    , \n                      http:\/\/eprint.iacr.org\/2013-563.pdf\n                      \n                    . Accessed 6 Apr 2015"},{"key":"10_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1007\/978-3-642-00457-5_6","volume-title":"Theory of Cryptography","author":"R Canetti","year":"2009","unstructured":"Canetti, R., Varia, M.: Non-malleable obfuscation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 73\u201390. Springer, Heidelberg (2009)"},{"key":"10_CR14","unstructured":"Chen, X., Andersen, J., Mao, Z., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: IEEE International Conference on Dependable Systems and Networks with FTCS and DCC, DSN 2008, pp. 177\u2013186, June 2008"},{"key":"10_CR15","unstructured":"Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report 148. Department of Computer Science University of Auckland, 36 p., July 1997. \n                      http:\/\/scholar.google.com\/scholar?hl=en&btnG=Search&q=intitle:A+Taxonomy+of+Obfuscating+Transformations#0"},{"key":"10_CR16","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 51\u201362 (2008). \n                      http:\/\/dl.acm.org\/citation.cfm?id=1455779"},{"key":"10_CR17","unstructured":"Ferrie, P.: Attacks on more virtual machine emulators. Technical report. Symantec Advanced Threat Research (2007)"},{"key":"10_CR18","unstructured":"Ferrie, P.: The Ultimate Anti-Debugging Reference, May 2011. \n                      http:\/\/pferrie.host22.com\/papers\/antidebug.pdf\n                      \n                    . Accessed 6 Apr 2015"},{"key":"10_CR19","unstructured":"Garfinkel, T., Adams, K., Warfield, A., Franklin, J.: Compatibility is not transparency: VMM detection myths and realities. In: Proceedings of 11th USENIX Workshop on Hot Topics in Operating Systems, pp. 6:1\u20136:6 (2007). \n                      http:\/\/dl.acm.org\/citation.cfm?id=1361397.1361403"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Garg, S., et al.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS 2013, pp. 40\u201349 (2013)","DOI":"10.1109\/FOCS.2013.13"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Goldwasser, S., Rothblum, G.N.: On best-possible obfuscation. In: Proceedings of 4th Theory Cryptography Conference, pp. 194\u2013213 (2007)","DOI":"10.1007\/978-3-540-70936-7_11"},{"key":"10_CR22","unstructured":"Kang, M.G., Yin, H., Hanna, S., McCamant, S., Song, D.: Emulating emulation-resistant malware. In: Proceedings of the 1st ACM Workshop on Virtual Machine Security, VMSec 2009, pp. 11\u201322. ACM, New York (2009). \n                      http:\/\/doi.acm.org\/10.1145\/1655148.1655151"},{"key":"10_CR23","unstructured":"Moon, P.: The use of packers, obfuscators and encryptors in modern malware the use of packers, obfuscators and encryptors in modern malware. Technical report, Royal Holloway University of London, March 2015"},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Nithyanand, R., Solis, J.: A theoretical analysis: physical unclonable functions and the software protection problem. In: Proceedings of 2012 IEEE Symposium Security and Privacy Workshop, pp. 1\u201311 (2012)","DOI":"10.1109\/SPW.2012.16"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Nithyanand, R., Sion, R., Solis, J.: Solving the software protection problem with intrinsic personal physical unclonable functions. Sandia National Laboratories, Livermore, CA, USA. Report SAND2011-6603 (2011)","DOI":"10.2172\/1030331"},{"key":"10_CR26","unstructured":"Paleari, R., Martignoni, L., Roglia, G.F., Bruschi, D.: A fistful of red-pills: how to automatically generate procedures to detect CPU emulators. In: Proceedings of the 3rd USENIX Conference on Offensive Technologies, WOOT 2009, p. 2. USENIX Association, Berkeley (2009). \n                      http:\/\/dl.acm.org\/citation.cfm?id=1855876.1855878"},{"key":"10_CR27","unstructured":"Plaga, R., Koob, F.: A formal definition and a new security mechanism of physical unclonable functions. In: Proceedings 16th International GI\/ITG Conference Measurement, Modeling, and Evaluation of Computing Systems and Dependability and Fault Tolerance, pp. 228\u2013301 (2012). \n                      http:\/\/arxiv.org\/abs\/1204.0987"},{"key":"10_CR28","unstructured":"Popov, I.V., Debray, S.K., Andrews, G.R.: Binary obfuscation using signals. In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, SS 2007, pp. 19:1\u201319:16. USENIX Association, Berkeley (2007). \n                      http:\/\/dl.acm.org\/citation.cfm?id=1362903.1362922"},{"key":"10_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-3-642-04474-8_4","volume-title":"Information Security","author":"A Saxena","year":"2009","unstructured":"Saxena, A., Wyseur, B., Preneel, B.: Towards security notions for white-box cryptography. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 49\u201358. Springer, Heidelberg (2009)"},{"key":"10_CR30","volume-title":"Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software","author":"M Sikorski","year":"2012","unstructured":"Sikorski, M., Honig, A.: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 1st edn. No Starch Press, San Francisco (2012)","edition":"1"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45719-2_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T01:00:52Z","timestamp":1558314052000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-45719-2_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319457185","9783319457192"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45719-2_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"7 September 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"RAID","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Research in Attacks, Intrusions, and Defenses","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 September 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 September 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"raid2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}