{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T09:51:13Z","timestamp":1773827473650,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,12,9]],"date-time":"2014-12-09T00:00:00Z","timestamp":1418083200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000181","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-11-1-0191"],"award-info":[{"award-number":["FA9550-11-1-0191"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1115829,III-1318343,CNS-1318955"],"award-info":[{"award-number":["CNS-1115829,III-1318343,CNS-1318955"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61173021"],"award-info":[{"award-number":["61173021"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,12,9]]},"DOI":"10.1145\/2689702.2689704","type":"proceedings-article","created":{"date-parts":[[2015,1,7]],"date-time":"2015-01-07T14:36:23Z","timestamp":1420641383000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["A Framework for Understanding Dynamic Anti-Analysis Defenses"],"prefix":"10.1145","author":[{"given":"Jing","family":"Qiu","sequence":"first","affiliation":[{"name":"Harbin Institute of Technology, Harbin, China"}]},{"given":"Babak","family":"Yadegari","sequence":"additional","affiliation":[{"name":"The University of Arizona, Tucson, USA"}]},{"given":"Brian","family":"Johannesmeyer","sequence":"additional","affiliation":[{"name":"The University of Arizona, Tucson, USA"}]},{"given":"Saumya","family":"Debray","sequence":"additional","affiliation":[{"name":"The University of Arizona, Tucson, USA"}]},{"given":"Xiaohong","family":"Su","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology, Harbin, China"}]}],"member":"320","published-online":{"date-parts":[[2014,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Balzarotti D.","year":"2010","unstructured":"D. Balzarotti , M. Cova , C. Karlberger , C. Kruegel , E. Kirda , and G. Vigna . Efficient detection of split personalities in malware . In Network and Distributed System Security Symposium (NDSS) , 2010 . D. Balzarotti, M. Cova, C. Karlberger, C. Kruegel, E. Kirda, and G. Vigna. Efficient detection of split personalities in malware. In Network and Distributed System Security Symposium (NDSS), 2010."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-68768-1_4"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-68768-1_4"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/1788494.1788501"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_8"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-47870-1_10"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1976.233817"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1168857.1168862"},{"issue":"1","key":"e_1_3_2_1_9_1","article-title":"Anti-debugging and anti-emulation techniques","volume":"5","author":"Danielescu A.","year":"2008","unstructured":"A. Danielescu . Anti-debugging and anti-emulation techniques . CodeBreakers Journal , 5 ( 1 ), 2008 . http:\/\/www.codebreakers-journal.com\/. A. Danielescu. Anti-debugging and anti-emulation techniques. CodeBreakers Journal, 5(1), 2008. http:\/\/www.codebreakers-journal.com\/.","journal-title":"CodeBreakers Journal"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"e_1_3_2_1_11_1","volume-title":"Mar.","author":"Dinaburg A.","year":"2000","unstructured":"A. Dinaburg , P. Royal , M. I. Sharif , and W. Lee Anti-anti-debugging tricks , Mar. 2000 . http:\/\/www.hcunix.net\/papers\/dose_anti_anti_debug.html. _dose. Anti-anti-debugging tricks, Mar. 2000. http:\/\/www.hcunix.net\/papers\/dose_anti_anti_debug.html."},{"key":"e_1_3_2_1_12_1","unstructured":"F. Falcon and N. Riva. Dynamic binary instrumentation frameworks: I know you are there spying on me. http:\/\/recon.cx\/2012\/schedule\/events\/216.en.html.  F. Falcon and N. Riva. Dynamic binary instrumentation frameworks: I know you are there spying on me. http:\/\/recon.cx\/2012\/schedule\/events\/216.en.html."},{"key":"e_1_3_2_1_13_1","volume-title":"Second CARO Workshop on Packers, Decryptors, and Obfuscators","author":"Ferrie P.","year":"2008","unstructured":"P. Ferrie . Anti-unpacker tricks . In Second CARO Workshop on Packers, Decryptors, and Obfuscators , May 2008 . P. Ferrie. Anti-unpacker tricks. In Second CARO Workshop on Packers, Decryptors, and Obfuscators, May 2008."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.53"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-47870-1_9"},{"key":"e_1_3_2_1_16_1","volume-title":"Sophos Labs","author":"Howard F.","year":"2010","unstructured":"F. Howard . Malware with your Mocha? Obfuscation and anti-emulation tricks in malicious JavaScript. Technical report , Sophos Labs , Sept. 2010 . F. Howard. Malware with your Mocha? Obfuscation and anti-emulation tricks in malicious JavaScript. Technical report, Sophos Labs, Sept. 2010."},{"key":"e_1_3_2_1_17_1","volume-title":"NDSS","author":"Kang M. G.","year":"2011","unstructured":"M. G. Kang , S. McCamant , P. Poosankam , and D. Song . Dta++: Dynamic taint analysis with targeted control-flow propagation . In NDSS , 2011 . M. G. Kang, S. McCamant, P. Poosankam, and D. Song. Dta++: Dynamic taint analysis with targeted control-flow propagation. In NDSS, 2011."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655148.1655151"},{"key":"e_1_3_2_1_19_1","volume-title":"The epic snake: Unraveling the mysteries of the Turla cyber-espionage campaign","author":"Lab Kaspersky","year":"2014","unstructured":"Kaspersky Lab . The epic snake: Unraveling the mysteries of the Turla cyber-espionage campaign . 7 Aug 2014 . http:\/\/www.kaspersky.com\/about\/news\/virus\/2014\/Unraveling-mysteries-of-Turla-cyber-espionage-campaign. Kaspersky Lab. The epic snake: Unraveling the mysteries of the Turla cyber-espionage campaign. 7 Aug 2014. http:\/\/www.kaspersky.com\/about\/news\/virus\/2014\/Unraveling-mysteries-of-Turla-cyber-espionage-campaign."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.581327"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/0020-0190(88)90054-3"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"D. Kushner. The real story of Stuxnet. IEEE Spectrum. 26 Feb. 2013.  D. Kushner. The real story of Stuxnet. IEEE Spectrum. 26 Feb. 2013.","DOI":"10.1109\/MSPEC.2013.6471059"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23644-0_18"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39235-1_8"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1884848.1884851"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"e_1_3_2_1_29_1","volume-title":"Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. Song . Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software . 2005 . J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. 2005."},{"key":"e_1_3_2_1_30_1","unstructured":"Oreans Technologies. Themida: Advanced windows software protection system. http:\/\/www.oreans.com\/themida.php.  Oreans Technologies. Themida: Advanced windows software protection system. http:\/\/www.oreans.com\/themida.php."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/390011.808263"},{"key":"e_1_3_2_1_32_1","volume-title":"Proc. 3rd USENIX Workshop on Offensive Technologies (WOOT '09)","author":"Paleari R.","year":"2009","unstructured":"R. Paleari , L. Martignoni , G. F. Roglia , and D. Bruschi . A fistful of red-pills: How to automatically generate procedures to detect CPU emulators . In Proc. 3rd USENIX Workshop on Offensive Technologies (WOOT '09) , Aug. 2009 . R. Paleari, L. Martignoni, G. F. Roglia, and D. Bruschi. A fistful of red-pills: How to automatically generate procedures to detect CPU emulators. In Proc. 3rd USENIX Workshop on Offensive Technologies (WOOT '09), Aug. 2009."},{"key":"e_1_3_2_1_33_1","volume-title":"10th International Conference on Security and Cryptography (SECRYPT)","author":"Sarwar G.","year":"2013","unstructured":"G. Sarwar , O. Mehani , R. Boreli , and D. Kaafar . On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices . In 10th International Conference on Security and Cryptography (SECRYPT) , 2013 . G. Sarwar, O. Mehani, R. Boreli, and D. Kaafar. On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices. In 10th International Conference on Security and Cryptography (SECRYPT), 2013."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"key":"e_1_3_2_1_35_1","volume-title":"Proc. 15th Network and Distributed System Security Symposium (NDSS)","author":"Sharif M. I.","year":"2008","unstructured":"M. I. Sharif , A. Lanzi , J. T. Giffin , and W. Lee . Impeding malware analysis using conditional code obfuscation . In Proc. 15th Network and Distributed System Security Symposium (NDSS) , Feb. 2008 . M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee. Impeding malware analysis using conditional code obfuscation. In Proc. 15th Network and Distributed System Security Symposium (NDSS), Feb. 2008."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.5555\/2372387.2372391"},{"key":"e_1_3_2_1_37_1","unstructured":"StrongBit Technology. EXECryptor -- bulletproof software protection. http:\/\/www.strongbit.com\/execryptor.asp.  StrongBit Technology. EXECryptor -- bulletproof software protection. http:\/\/www.strongbit.com\/execryptor.asp."},{"key":"e_1_3_2_1_38_1","series-title":"Lecture Notes in Computer Science","first-page":"216","volume-title":"Information Hiding","author":"Tan G.","year":"2006","unstructured":"G. Tan , Y. Chen , and M. H. Jakubowski . Delayed and controlled failures in tamper-resistant software . In Information Hiding , volume 4437 of Lecture Notes in Computer Science , pages 216 -- 231 . Springer , 2006 . G. Tan, Y. Chen, and M. H. Jakubowski. Delayed and controlled failures in tamper-resistant software. In Information Hiding, volume 4437 of Lecture Notes in Computer Science, pages 216--231. Springer, 2006."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2011.24"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2005.24"},{"key":"e_1_3_2_1_41_1","volume-title":"Proc. 2005 Symposium on Cryptography and Information Security (SCIS2005)","author":"Wang P.","year":"2005","unstructured":"P. Wang , S. Kim , and K. Kim . Tamper resistant software through dynamic integrity checking . In Proc. 2005 Symposium on Cryptography and Information Security (SCIS2005) , Jan. 2005 . P. Wang, S. Kim, and K. Kim. Tamper resistant software through dynamic integrity checking. In Proc. 2005 Symposium on Cryptography and Information Security (SCIS2005), Jan. 2005."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.2"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM.2014.43"}],"event":{"name":"PPREW-4: 4th Program Protection and Reverse Engineering Workshop","location":"New Orleans LA USA","acronym":"PPREW-4"},"container-title":["Proceedings of the 4th Program Protection and Reverse Engineering Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2689702.2689704","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2689702.2689704","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T18:55:46Z","timestamp":1750272946000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2689702.2689704"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,12,9]]},"references-count":43,"alternative-id":["10.1145\/2689702.2689704","10.1145\/2689702"],"URL":"https:\/\/doi.org\/10.1145\/2689702.2689704","relation":{},"subject":[],"published":{"date-parts":[[2014,12,9]]},"assertion":[{"value":"2014-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}