{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:15:01Z","timestamp":1750306501734,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,12,8]],"date-time":"2015-12-08T00:00:00Z","timestamp":1449532800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,12,8]]},"DOI":"10.1145\/2843859.2843863","type":"proceedings-article","created":{"date-parts":[[2015,12,30]],"date-time":"2015-12-30T13:13:44Z","timestamp":1451481224000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Flowtables"],"prefix":"10.1145","author":[{"given":"Luke","family":"Jones","sequence":"first","affiliation":[{"name":"MIT Lincoln Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ryan","family":"Whelan","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jeremy","family":"Blackthorne","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Graham","family":"Baker","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2015,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314257.1314263"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2160158.2160159"},{"key":"e_1_3_2_1_3_1","volume-title":"Threat assessment of malicious code and human threats. Technical report","author":"Bassham L.","year":"1994","unstructured":"L. Bassham and W. T. Polk . Threat assessment of malicious code and human threats. Technical report , National Institute of Standards and Technology , 1994 . http:\/\/csrc.nist.gov\/publications\/nistir\/threats\/subsubsection3_3_1_1.html. L. Bassham and W. T. Polk. Threat assessment of malicious code and human threats. Technical report, National Institute of Standards and Technology, 1994. http:\/\/csrc.nist.gov\/publications\/nistir\/threats\/subsubsection3_3_1_1.html."},{"key":"e_1_3_2_1_4_1","first-page":"209","volume-title":"Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI'08","author":"Cadar C.","year":"2008","unstructured":"C. Cadar , D. Dunbar , and D. Engler . Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs . In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI'08 , pages 209 -- 224 , Berkeley, CA, USA , 2008 . USENIX Association. C. Cadar, D. Dunbar, and D. Engler. Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI'08, pages 209--224, Berkeley, CA, USA, 2008. USENIX Association."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/349299.349311"},{"key":"e_1_3_2_1_6_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"144","DOI":"10.1007\/3-540-45439-X_10","volume-title":"Information Security","author":"Chow S.","year":"2001","unstructured":"S. Chow , Y. Gu , H. Johnson , and V. Zakharov . An approach to the obfuscation of control-flow of sequential computer programs . In G. Davida and Y. Frankel, editors, Information Security , volume 2200 of Lecture Notes in Computer Science , pages 144 -- 155 . Springer Berlin Heidelberg , 2001 . S. Chow, Y. Gu, H. Johnson, and V. Zakharov. An approach to the obfuscation of control-flow of sequential computer programs. In G. Davida and Y. Frankel, editors, Information Security, volume 2200 of Lecture Notes in Computer Science, pages 144--155. Springer Berlin Heidelberg, 2001."},{"key":"e_1_3_2_1_7_1","volume-title":"Aug. 17","author":"Chow S.","year":"2004","unstructured":"S. Chow , H. Johnson , and Y. Gu . Tamper resistant software-control flow encoding , Aug. 17 2004 . US Patent 6,779,114. S. Chow, H. Johnson, and Y. Gu. Tamper resistant software-control flow encoding, Aug. 17 2004. US Patent 6,779,114."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1379022.1375620"},{"key":"e_1_3_2_1_9_1","volume-title":"Department of Computer Science","author":"Collberg C.","year":"1997","unstructured":"C. Collberg , C. Thomborson , and D. Low . A taxonomy of obfuscating transformations. Technical report , Department of Computer Science , The University of Auckland , New Zealand , 1997 . C. Collberg, C. Thomborson, and D. Low. A taxonomy of obfuscating transformations. Technical report, Department of Computer Science, The University of Auckland, New Zealand, 1997."},{"key":"e_1_3_2_1_10_1","volume-title":"NAI Labs","author":"D'Anna L.","year":"2003","unstructured":"L. D'Anna , B. Matt , A. Reisse , T. V. Vleck , S. Schwab , and P. Leblanc . Self-protecting mobile agents obfuscation report -- final report. Technical report , NAI Labs , 2003 . http:\/\/citeseerx.ist.psu.edu\/viewdoc\/summary?doi=10.1.1.127.3668. L. D'Anna, B. Matt, A. Reisse, T. V. Vleck, S. Schwab, and P. Leblanc. Self-protecting mobile agents obfuscation report -- final report. Technical report, NAI Labs, 2003. http:\/\/citeseerx.ist.psu.edu\/viewdoc\/summary?doi=10.1.1.127.3668."},{"key":"e_1_3_2_1_11_1","volume-title":"June","author":"Dinaburg A.","year":"2014","unstructured":"A. Dinaburg and A. Ruef . Mcsema: Static translation of x86 instructions to llvm. https:\/\/www.trailofbits.com\/resources\/McSema.pdf , June 2014 . Trail of Bits . A. Dinaburg and A. Ruef. Mcsema: Static translation of x86 instructions to llvm. https:\/\/www.trailofbits.com\/resources\/McSema.pdf, June 2014. Trail of Bits."},{"key":"e_1_3_2_1_12_1","volume-title":"Repeatable reverse engineering for the greater good with panda. Technical report","author":"Dolan-Gavitt B.","year":"2014","unstructured":"B. Dolan-Gavitt , J. Hodosh , P. Hulin , T. Leek , and R. Whelan . Repeatable reverse engineering for the greater good with panda. Technical report , Columbia University , 2014 . https:\/\/mice.cs.columbia.edu\/getTechreport.php?techreportID=1588&disposition=inline&format=pdf. B. Dolan-Gavitt, J. Hodosh, P. Hulin, T. Leek, and R. Whelan. Repeatable reverse engineering for the greater good with panda. Technical report, Columbia University, 2014. https:\/\/mice.cs.columbia.edu\/getTechreport.php?techreportID=1588&disposition=inline&format=pdf."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556464.2556465"},{"key":"e_1_3_2_1_14_1","unstructured":"A. Kotik. Nanomite and debug blocker technologies: Scheme pros cons. http:\/\/www.apriorit.com\/white-papers\/293-nanomite-technology 2013.  A. Kotik. Nanomite and debug blocker technologies: Scheme pros cons. http:\/\/www.apriorit.com\/white-papers\/293-nanomite-technology 2013."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/977395.977673"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1251535.1251542"},{"key":"e_1_3_2_1_17_1","volume-title":"On program security and obfuscation. https:\/\/www.eecs.berkeley.edu\/~daw\/teaching\/cs261-f98\/projects\/final-reports\/jmacd.ps","author":"Macdonald J.","year":"1998","unstructured":"J. Macdonald . On program security and obfuscation. https:\/\/www.eecs.berkeley.edu\/~daw\/teaching\/cs261-f98\/projects\/final-reports\/jmacd.ps , 1998 . J. Macdonald. On program security and obfuscation. https:\/\/www.eecs.berkeley.edu\/~daw\/teaching\/cs261-f98\/projects\/final-reports\/jmacd.ps, 1998."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"e_1_3_2_1_19_1","unstructured":"C. L. Noll J. Horn P. Seebach and L. A. Broukhis. International obfuscated c code contest. http:\/\/www.ioccc.org\/.  C. L. Noll J. Horn P. Seebach and L. A. Broukhis. International obfuscated c code contest. http:\/\/www.ioccc.org\/."},{"key":"e_1_3_2_1_20_1","first-page":"437","volume-title":"3rd International Workshop on Information Security Applications","author":"Ogiso T.","year":"2002","unstructured":"T. Ogiso , Y. Sakabe , M. Soshi , and A. Miyaji . Software tamper resistance based on the difficulty of interprocedural analysis. In of Interprocedural Analysis , 3rd International Workshop on Information Security Applications , pages 437 -- 452 , 2002 . T. Ogiso, Y. Sakabe, M. Soshi, and A. Miyaji. Software tamper resistance based on the difficulty of interprocedural analysis. In of Interprocedural Analysis, 3rd International Workshop on Information Security Applications, pages 437--452, 2002."},{"key":"e_1_3_2_1_21_1","volume-title":"February","author":"Schiffman M.","year":"2010","unstructured":"M. Schiffman . A brief history of malware obfuscation. https:\/\/blogs.cisco.com\/security\/a_brief_history_of_malware_obfuscation_part_1_of_2 , February 2010 . Cisco . M. Schiffman. A brief history of malware obfuscation. https:\/\/blogs.cisco.com\/security\/a_brief_history_of_malware_obfuscation_part_1_of_2, February 2010. Cisco."},{"key":"e_1_3_2_1_22_1","volume-title":"Flowers for automated malware analysis. Technical report","author":"Song C.","year":"2012","unstructured":"C. Song and P. Royal . Flowers for automated malware analysis. Technical report , Georgia Institute of Technology , 2012 . https:\/\/media.blackhat.com\/bh-us-12\/Briefings\/Song\/BH_US_12_Song_Royal_Flowers_Automated_WP.pdf. C. Song and P. Royal. Flowers for automated malware analysis. Technical report, Georgia Institute of Technology, 2012. https:\/\/media.blackhat.com\/bh-us-12\/Briefings\/Song\/BH_US_12_Song_Royal_Flowers_Automated_WP.pdf."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-013-0194-3"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2005.13"},{"key":"e_1_3_2_1_25_1","volume-title":"Code obfuscation and virus detection. Master's thesis","author":"Venkatesan A.","year":"2008","unstructured":"A. Venkatesan . Code obfuscation and virus detection. Master's thesis , San Jose State University , May 2008 . http:\/\/scholarworks.sjsu.edu\/cgi\/viewcontent.cgi?article=1115&context=etd_projects. A. Venkatesan. Code obfuscation and virus detection. Master's thesis, San Jose State University, May 2008. http:\/\/scholarworks.sjsu.edu\/cgi\/viewcontent.cgi?article=1115&context=etd_projects."},{"key":"e_1_3_2_1_26_1","volume-title":"Software tamper resistance: Obstructing static analysis of programs. Technical report","author":"Wang C.","year":"2000","unstructured":"C. Wang , J. Hill , J. Knight , and J. Davidson . Software tamper resistance: Obstructing static analysis of programs. Technical report , University of Virginia , Charlottesville, VA, USA , 2000 . http:\/\/logic.pdmi.ras.ru\/~yura\/of\/whkd2000.pdf. C. Wang, J. Hill, J. Knight, and J. Davidson. Software tamper resistance: Obstructing static analysis of programs. Technical report, University of Virginia, Charlottesville, VA, USA, 2000. http:\/\/logic.pdmi.ras.ru\/~yura\/of\/whkd2000.pdf."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0028-7"}],"event":{"name":"PPREW-5: Program Protection and Reverse Engineering Workshop","acronym":"PPREW-5","location":"Los Angeles CA USA"},"container-title":["Proceedings of the 5th Program Protection and Reverse Engineering Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2843859.2843863","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2843859.2843863","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:50Z","timestamp":1750225730000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2843859.2843863"}},"subtitle":["Program Skeletal Inversion for Defeat of Interprocedural Analysis with Unique Metamorphism"],"short-title":[],"issued":{"date-parts":[[2015,12,8]]},"references-count":27,"alternative-id":["10.1145\/2843859.2843863","10.1145\/2843859"],"URL":"https:\/\/doi.org\/10.1145\/2843859.2843863","relation":{},"subject":[],"published":{"date-parts":[[2015,12,8]]},"assertion":[{"value":"2015-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}