{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:59:30Z","timestamp":1725490770437},"reference-count":32,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,10]]},"DOI":"10.1109\/malware.2014.6999403","type":"proceedings-article","created":{"date-parts":[[2015,1,20]],"date-time":"2015-01-20T02:44:39Z","timestamp":1421721879000},"page":"118-127","source":"Crossref","is-referenced-by-count":2,"title":["Codescanner: Detecting (Hidden) x86\/x64 code in arbitrary files"],"prefix":"10.1109","author":[{"given":"Viviane","family":"Zwanger","sequence":"first","affiliation":[{"name":"Institute of Computer Science 4, University of Bonn, Fraunhofer FKIE"}]},{"given":"Elmar","family":"Gerhards-Padilla","sequence":"additional","affiliation":[{"name":"Institute of Computer Science 4, University of Bonn, Fraunhofer FKIE"}]},{"given":"Michael","family":"Meier","sequence":"additional","affiliation":[{"name":"Institute of Computer Science 4, University of Bonn, Fraunhofer FKIE"}]}],"member":"263","reference":[{"key":"19","first-page":"255","article-title":"Static disassembly of obfuscated binaries","author":"kruegel","year":"2004","journal-title":"USENIX Security Symposium"},{"key":"17","first-page":"423","article-title":"Jakstab: A static analysis platform for binaries","author":"kinder","year":"2008","journal-title":"CAV"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2009.16"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314399"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665794"},{"key":"13","doi-asserted-by":"crossref","DOI":"10.1109\/WATeR.2013.6707878","article-title":"A new instruction overlapping technique for improved anti-disassembly and obfuscation of x86 binaries","author":"jaemthagen","year":"2013","journal-title":"Workshop on Anti-malware Testing Research (WATeR)"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665789"},{"journal-title":"The Interactive Disassembler","year":"0","author":"guilfanov","key":"11"},{"key":"12","first-page":"102","article-title":"A static, packer-agnostic filter to detect similar malware samples","author":"jacob","year":"2012","journal-title":"Proc of the 9th DIMVA'12"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.15"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1145\/948148.948149"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1016\/j.patrec.2008.06.016"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2007.18"},{"journal-title":"Scientific but Not Academical Overview of Malware Anti-debugging Anti-disassembly and Anti-vm Technologies","year":"2012","author":"rodrigo rubira branco","key":"24"},{"key":"25","article-title":"Unpacking virtualization obfuscators","author":"rolles","year":"2009","journal-title":"Proc of the 3rd USENIX Conference on Offensive Technologies (WOOT'09) Berkeley CA USA"},{"key":"26","first-page":"289","article-title":"Polyunpack: Automating the hidden-code extraction of unpack-executing malware","author":"royal","year":"2006","journal-title":"Proc of the 22nd Annual Computer Security Applications Conference"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.27"},{"journal-title":"Qwerton Peid","year":"0","author":"snaker","key":"28"},{"key":"29","article-title":"OllyBone: Semi-Automatic Unpacking on IA-32","author":"stewart","year":"2006","journal-title":"In Defcon 11"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-013-0185-4"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2013.6703681"},{"journal-title":"Forensic Physical Memory Analysis An Overview of Tools and Techniques","year":"2007","author":"garcia","key":"10"},{"journal-title":"The Volatility Framework","year":"0","author":"auty","key":"1"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23808-6_34"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2012.65"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41284-4_10"},{"journal-title":"Ragpicker","year":"0","author":"zeitfuchs","key":"32"},{"journal-title":"Pandora's Bochs Automated Unpacking of Mal-ware","year":"2008","author":"b\ufffdhne","key":"5"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0028-7"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1504\/IJESDF.2007.016865"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(93)90054-9"},{"journal-title":"Malware Normalization","year":"2005","author":"christodorescu","key":"8"}],"event":{"name":"2014 9th International Conference on Malicious and Unwanted Software: \"The Americas\" (MALWARE)","start":{"date-parts":[[2014,10,28]]},"location":"Fajardo, PR, USA","end":{"date-parts":[[2014,10,30]]}},"container-title":["2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6987537\/6999400\/06999403.pdf?arnumber=6999403","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,6,8]],"date-time":"2021-06-08T07:04:29Z","timestamp":1623135869000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/6999403\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,10]]},"references-count":32,"URL":"https:\/\/doi.org\/10.1109\/malware.2014.6999403","relation":{},"subject":[],"published":{"date-parts":[[2014,10]]}}}