{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T16:08:09Z","timestamp":1772554089331,"version":"3.50.1"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319934105","type":"print"},{"value":"9783319934112","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-93411-2_17","type":"book-chapter","created":{"date-parts":[[2018,6,7]],"date-time":"2018-06-07T07:49:28Z","timestamp":1528357768000},"page":"372-392","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["Symbolic Deobfuscation: From Virtualized Code Back to the Original"],"prefix":"10.1007","author":[{"given":"Jonathan","family":"Salwan","sequence":"first","affiliation":[]},{"given":"S\u00e9bastien","family":"Bardin","sequence":"additional","affiliation":[]},{"given":"Marie-Laure","family":"Potet","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,6,8]]},"reference":[{"key":"17_CR1","doi-asserted-by":"crossref","unstructured":"Bardin, S., David, R., Marion, J.-Y.: Backward-bounded DSE: targeting infeasibility questions on obfuscated codes. In: S&P, pp. 633\u2013651. IEEE (2017)","DOI":"10.1109\/SP.2017.36"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Banescu, S., Collberg, C., Ganesh, V., Newsham, Z., Pretschner, A.: Code obfuscation against symbolic execution attacks. In: ACSAC (2016)","DOI":"10.1145\/2991079.2991114"},{"key":"17_CR3","unstructured":"Codevirtualizer. \n                      https:\/\/oreans.com\/codevirtualizer.php"},{"key":"17_CR4","unstructured":"Themida. \n                      https:\/\/www.oreans.com\/themida.php"},{"key":"17_CR5","unstructured":"Tigress: C diversifier\/obfuscator. \n                      http:\/\/tigress.cs.arizona.edu\/"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Clause, J., Li, W., Orso, A.: Dytan: a generic dynamic taint analysis framework. In: ISSTA. ACM (2007)","DOI":"10.1145\/1273463.1273490"},{"key":"17_CR7","doi-asserted-by":"crossref","unstructured":"Coogan, K., Lu, G., Debray, S.: Deobfuscation of virtualization-obfuscated software: a semantics-based approach. In: CCS. ACM (2011)","DOI":"10.1145\/2046707.2046739"},{"key":"17_CR8","unstructured":"Eyrolles, N., Guinet, A., Videau, M.: Arybo: Manipulation, canonicalization and identification of mixed Boolean-arithmetic symbolic expressions. In: GreHack (2016)"},{"issue":"5","key":"17_CR9","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/MS.2008.109","volume":"25","author":"P Godefroid","year":"2008","unstructured":"Godefroid, P., de Halleux, J., Nori, A.V., Rajamani, S.K., Schulte, W., Tillmann, N., Levin, M.Y.: Automating software testing using program analysis. IEEE Softw. 25(5), 30\u201337 (2008)","journal-title":"IEEE Softw."},{"issue":"6","key":"17_CR10","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1145\/1064978.1065036","volume":"40","author":"Patrice Godefroid","year":"2005","unstructured":"Godefroid, P., Klarlund, N., Sen, K.: DART: directed automated random testing. In: PLDI. ACM (2005)","journal-title":"ACM SIGPLAN Notices"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Jha, S., Gulwani, S., Seshia, S.A., Tiwari, A.: Oracle-guided component-based program synthesis. In: ICSE. ACM\/IEEE (2010)","DOI":"10.1145\/1806799.1806833"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Kinder, J.: Towards static analysis of virtualization-obfuscated binaries. In: 19th Working Conference on Reverse Engineering, WCRE (2012)","DOI":"10.1109\/WCRE.2012.16"},{"key":"17_CR13","unstructured":"Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis and transformation (2004)"},{"key":"17_CR14","unstructured":"Maximus: Reversing a simple virtual machine. CodeBreakers 1.2 (2006)"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"David, R., Bardin, S., Feist, J., Mounier, L., Potet, M-L., Thanh Dinh Ta, Marion, J-Y.: Specification of concretization and symbolization policies in symbolic execution. In: ISSTA. ACM (2016)","DOI":"10.1145\/2931037.2931048"},{"key":"17_CR16","unstructured":"Rolles, R.: Defeating HyperUnpackMe2 with an IDA processor module (2007)"},{"key":"17_CR17","unstructured":"Rolles, R.: Unpacking virtualization obfuscators. In: WOOT (2009)"},{"key":"17_CR18","unstructured":"Salwan, J., Bardin, S., Potet, M.L.: Deobfuscation of VM based software protection. In: SSTIC (2017)"},{"key":"17_CR19","unstructured":"Saudel, F., Salwan, J.: Triton: a dynamic symbolic execution framework. In: SSTIC (2015)"},{"key":"17_CR20","unstructured":"Scherzo: Inside code virtualizer (2007)"},{"key":"17_CR21","doi-asserted-by":"crossref","unstructured":"Sen, K., Marinov, D., Agha, G.: CUTE: a concolic unit testing engine for C. In: FSE (2005)","DOI":"10.21236\/ADA482657"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Sharif, M.I., Lanzi, A., Giffin, J.T., Lee, W.: Automatic reverse engineering of malware emulators. In: S&P. IEEE (2009)","DOI":"10.1109\/SP.2009.27"},{"key":"17_CR23","unstructured":"VMprotect. (2003\u20132017). \n                      http:\/\/vmpsoft.com"},{"key":"17_CR24","doi-asserted-by":"crossref","unstructured":"Yadegari, B., Debray, S.: Symbolic execution of obfuscated code. In: CCS (2015)","DOI":"10.1145\/2810103.2813663"},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Yadegari, B., Johannesmeyer, B., Whitely, B., Debray, S.: A generic approach to automatic deobfuscation of executable code. In: S&P. IEEE (2015)","DOI":"10.1109\/SP.2015.47"},{"key":"17_CR26","unstructured":"Vanegue, J., Heelan, S., Rolles, R.: SMT Solvers in Software Security. In: WOOT (2012)"},{"key":"17_CR27","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: S&P. IEEE (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"17_CR28","unstructured":"Blazytko, T., Contag, M., Aschermann, C., Holz, T.: Syntia: Synthesizing the semantics of obfuscated code. In: USENIX Security Symposium. Usenix (2017)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-93411-2_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,3]],"date-time":"2020-03-03T03:19:37Z","timestamp":1583205577000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-93411-2_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319934105","9783319934112"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-93411-2_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"8 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Saclay","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dimva2018.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}