{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:55:05Z","timestamp":1772121305595,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813663","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T15:22:12Z","timestamp":1444144932000},"page":"732-744","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":62,"title":["Symbolic Execution of Obfuscated Code"],"prefix":"10.1145","author":[{"given":"Babak","family":"Yadegari","sequence":"first","affiliation":[{"name":"University of Arizona, Tucson, AZ, USA"}]},{"given":"Saumya","family":"Debray","sequence":"additional","affiliation":[{"name":"University of Arizona, Tucson, AZ, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proc. 16th Annual Network and Distributed System Security Symposium (NDSS 2009)","author":"Bayer U.","year":"2009","unstructured":"U. Bayer , P. Milani , C. Hlauschek , C. Kruegel , and E. Kirda . Scalable, behavior-based malware clustering . In Proc. 16th Annual Network and Distributed System Security Symposium (NDSS 2009) , Feb. 2009 . U. Bayer, P. Milani, C. Hlauschek, C. Kruegel, and E. Kirda. Scalable, behavior-based malware clustering. In Proc. 16th Annual Network and Distributed System Security Symposium (NDSS 2009), Feb. 2009."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0012-2"},{"key":"e_1_3_2_1_3_1","first-page":"65","volume":"36","author":"Brumley D.","year":"2008","unstructured":"D. Brumley , C. Hartwig , Z. Liang , J. Newsome , D. X. Song , and H. Yin . Automatically identifying trigger-based behavior in malware. In Botnet Detection: Countering the Largest Security Threat , volume 36 , pages 65 - 88 . 2008 . D. Brumley, C. Hartwig, Z. Liang, J. Newsome, D. X. Song, and H. Yin. Automatically identifying trigger-based behavior in malware. In Botnet Detection: Countering the Largest Security Threat, volume 36, pages 65-88. 2008.","journal-title":"Automatically identifying trigger-based behavior in malware. In Botnet Detection: Countering the Largest Security Threat"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/11537328_2"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455518.1455522"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1985793.1985995"},{"key":"e_1_3_2_1_7_1","volume-title":"Anti-taint-analysis: Practical evasion techniques against information flow based malware defense","author":"Cavallaro L.","year":"2007","unstructured":"L. Cavallaro , P. Saxena , and R. Sekar . Anti-taint-analysis: Practical evasion techniques against information flow based malware defense . Stony Brook University , Stony Brook , New York, 2007 . L. Cavallaro, P. Saxena, and R. Sekar. Anti-taint-analysis: Practical evasion techniques against information flow based malware defense. Stony Brook University, Stony Brook, New York, 2007."},{"key":"e_1_3_2_1_8_1","volume-title":"Malware and Vulnerability Analysis (DIMVA)","author":"Cavallaro L.","year":"2008","unstructured":"L. Cavallaro , P. Saxena , and R. Sekar . On the limits of information flow techniques for malware analysis and containment. In Detection of Intrusions , Malware and Vulnerability Analysis (DIMVA) , July 2008 . L. Cavallaro, P. Saxena, and R. Sekar. On the limits of information flow techniques for malware analysis and containment. In Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA), July 2008."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950396"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273490"},{"key":"e_1_3_2_1_12_1","first-page":"275","volume-title":"Proc. ACM Conference on Computer and Communications Security (CCS)","author":"Coogan K.","year":"2011","unstructured":"K. Coogan , G. Lu , and S. Debray . Deobfuscating virtualization-obfuscated software: A semantics-based approach . In Proc. ACM Conference on Computer and Communications Security (CCS) , pages 275 - 284 , Oct. 2011 . K. Coogan, G. Lu, and S. Debray. Deobfuscating virtualization-obfuscated software: A semantics-based approach. In Proc. ACM Conference on Computer and Communications Security (CCS), pages 275-284, Oct. 2011."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1168857.1168862"},{"key":"e_1_3_2_1_14_1","volume-title":"Trend Micro","author":"Decker A.","year":"2009","unstructured":"A. Decker , D. Sancho , M. Goncharov , and R. McArdle . Ilomo: A study of the ilomo\/clampi botnet. Technical report , Trend Micro , Aug. 2009 . A. Decker, D. Sancho, M. Goncharov, and R. McArdle. Ilomo: A study of the ilomo\/clampi botnet. Technical report, Trend Micro, Aug. 2009."},{"key":"e_1_3_2_1_15_1","first-page":"1","volume":"7","author":"Drewry W.","year":"2007","unstructured":"W. Drewry and T. Ormandy . Flayer: Exposing application internals. WOOT , 7 : 1 - 9 , 2007 . W. Drewry and T. Ormandy. Flayer: Exposing application internals. WOOT, 7:1-9, 2007.","journal-title":"Flayer: Exposing application internals. WOOT"},{"key":"e_1_3_2_1_16_1","volume-title":"Symantec Corp.","author":"Falliere N.","year":"2009","unstructured":"N. Falliere . Inside the jaws of Trojan. Clampi. Technical report , Symantec Corp. , Nov. 2009 . N. Falliere. Inside the jaws of Trojan. Clampi. Technical report, Symantec Corp., Nov. 2009."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2013.6654811"},{"key":"e_1_3_2_1_19_1","volume-title":"Proc. 10th Australasian Information Security Conference (AISC 2012)","author":"Hauser C.","year":"2012","unstructured":"C. Hauser , F. Tronel , J. F. Reid , and C. J. Fidge . A taint marking approach to confidentiality violation detection . In Proc. 10th Australasian Information Security Conference (AISC 2012) , Jan. 30 2012 . C. Hauser, F. Tronel, J. F. Reid, and C. J. Fidge. A taint marking approach to confidentiality violation detection. In Proc. 10th Australasian Information Security Conference (AISC 2012), Jan. 30 2012."},{"key":"e_1_3_2_1_20_1","volume-title":"Intel\u00c2\u00bf 64 and ia-32 architectures software developer's manual","year":"2015","unstructured":"Intel. Intel\u00c2\u00bf 64 and ia-32 architectures software developer's manual . 2015 . Intel. Intel\u00c2\u00bf 64 and ia-32 architectures software developer's manual. 2015."},{"key":"e_1_3_2_1_21_1","volume-title":"NDSS","author":"Kang M. G.","year":"2011","unstructured":"M. G. Kang , S. McCamant , P. Poosankam , and D. Song . Dta++: Dynamic taint analysis with targeted control-flow propagation . In NDSS , 2011 . M. G. Kang, S. McCamant, P. Poosankam, and D. Song. Dta++: Dynamic taint analysis with targeted control-flow propagation. In NDSS, 2011."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_1_23_1","volume-title":"Proc. 13th USENIX Security Symposium","author":"Kruegel C.","year":"2004","unstructured":"C. Kruegel , W. Robertson , F. Valeur , and G. Vigna . Static disassembly of obfuscated binaries . In Proc. 13th USENIX Security Symposium , Aug. 2004 . C. Kruegel, W. Robertson, F. Valeur, and G. Vigna. Static disassembly of obfuscated binaries. In Proc. 13th USENIX Security Symposium, Aug. 2004."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2005.120"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2006.6"},{"key":"e_1_3_2_1_29_1","volume-title":"NDSS","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. Song . Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software . In NDSS , 2005 . J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, 2005."},{"key":"e_1_3_2_1_30_1","unstructured":"Oreans Technologies. Code virtualizer: Total obfuscation against reverse engineering. www.oreans.com\/codevirtualizer.php.  Oreans Technologies. Code virtualizer: Total obfuscation against reverse engineering. www.oreans.com\/codevirtualizer.php."},{"key":"e_1_3_2_1_31_1","unstructured":"Oreans Technologies. Themida: Advanced windows software protection system. www.oreans.com\/themida.php.  Oreans Technologies. Themida: Advanced windows software protection system. www.oreans.com\/themida.php."},{"key":"e_1_3_2_1_32_1","volume-title":"10th International Conference on Security and Cryptography (SECRYPT)","author":"Sarwar G.","year":"2013","unstructured":"G. Sarwar , O. Mehani , R. Boreli , and D. Kaafar . On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices . In 10th International Conference on Security and Cryptography (SECRYPT) , 2013 . G. Sarwar, O. Mehani, R. Boreli, and D. Kaafar. On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices. In 10th International Conference on Security and Cryptography (SECRYPT), 2013."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081750"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.27"},{"key":"e_1_3_2_1_36_1","volume-title":"Proc. 15th Network and Distributed System Security Symposium (NDSS)","author":"Sharif M. I.","year":"2008","unstructured":"M. I. Sharif , A. Lanzi , J. T. Giffin , and W. Lee . Impeding malware analysis using conditional code obfuscation . In Proc. 15th Network and Distributed System Security Symposium (NDSS) , Feb. 2008 . M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee. Impeding malware analysis using conditional code obfuscation. In Proc. 15th Network and Distributed System Security Symposium (NDSS), Feb. 2008."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"e_1_3_2_1_38_1","unstructured":"StrongBit Technology. EXECryptor -bulletproof software protection. www.strongbit.com\/execryptor.asp.  StrongBit Technology. EXECryptor -bulletproof software protection. www.strongbit.com\/execryptor.asp."},{"key":"e_1_3_2_1_39_1","unstructured":"Tora. Devirtualizing FinSpy. http:\/\/linuxch.org\/poc2012\/Tora DevirtualizingFinSpy.pdf.  Tora. Devirtualizing FinSpy. http:\/\/linuxch.org\/poc2012\/Tora DevirtualizingFinSpy.pdf."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2005.13"},{"key":"e_1_3_2_1_41_1","unstructured":"VMProtect Software. VMProtect -New-generation software protection. www.vmprotect.ru\/  VMProtect Software. VMProtect -New-generation software protection. www.vmprotect.ru\/"},{"key":"e_1_3_2_1_42_1","volume-title":"Vx heavens","author":"Heavens VX","year":"2011","unstructured":"VX Heavens . Vx heavens , 2011 . http:\/\/vx.netlux.org\/ VX Heavens. Vx heavens, 2011. http:\/\/vx.netlux.org\/"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/2041225.2041241"},{"key":"e_1_3_2_1_44_1","unstructured":"Wei Ming Khoo. Taintgrind: a Valgrind taint analysis tool. https:\/\/github.com\/wmkhoo\/taintgrind.  Wei Ming Khoo. Taintgrind: a Valgrind taint analysis tool. https:\/\/github.com\/wmkhoo\/taintgrind."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.47"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-5523-3_6"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813663","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813663","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:24Z","timestamp":1750225704000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813663"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":46,"alternative-id":["10.1145\/2810103.2813663","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813663","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}