{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T16:13:10Z","timestamp":1761581590691,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,8,29]],"date-time":"2017-08-29T00:00:00Z","timestamp":1503964800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"German Research Foundation (DFG)","award":["SFB\/TR 89"],"award-info":[{"award-number":["SFB\/TR 89"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,8,29]]},"DOI":"10.1145\/3098954.3098995","type":"proceedings-article","created":{"date-parts":[[2017,8,10]],"date-time":"2017-08-10T12:12:36Z","timestamp":1502367156000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["VMAttack"],"prefix":"10.1145","author":[{"given":"Anatoli","family":"Kalysch","sequence":"first","affiliation":[{"name":"FAU Erlangen-Nuremberg"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Johannes","family":"G\u00f6tzfried","sequence":"additional","affiliation":[{"name":"FAU Erlangen-Nuremberg"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tilo","family":"M\u00fcller","sequence":"additional","affiliation":[{"name":"FAU Erlangen-Nuremberg"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,8,29]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"About Self-Protecting Digital Content. (2009). https:\/\/www.rambus.com\/about-spdc\/, accessed on 06","author":"Rambus Inc. 2009.","year":"2017","unstructured":"Rambus Inc. 2009. About Self-Protecting Digital Content. (2009). https:\/\/www.rambus.com\/about-spdc\/, accessed on 06 . March 2017 . Rambus Inc. 2009. About Self-Protecting Digital Content. (2009). https:\/\/www.rambus.com\/about-spdc\/, accessed on 06. March 2017."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/93548.93576"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1179509.1179521"},{"key":"e_1_3_2_1_4_1","unstructured":"Samuel Chevet. 2015. Inside VMProtect. (2015). http:\/\/lille1tv.univ-lille1.fr\/telecharge.aspx?id=d5b2487e-cacc-4596-ab37-dab2b362cb9e accessed on 10. March 2017.  Samuel Chevet. 2015. Inside VMProtect. (2015). http:\/\/lille1tv.univ-lille1.fr\/telecharge.aspx?id=d5b2487e-cacc-4596-ab37-dab2b362cb9e accessed on 10. March 2017."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046739"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Iain D. Craig. 2006. Virtual Machines. Springer-Verlag.  Iain D. Craig. 2006. Virtual Machines. Springer-Verlag.","DOI":"10.1007\/978-1-84628-246-1"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-17401-8_21"},{"key":"e_1_3_2_1_9_1","volume":"200","author":"Eilam E.","unstructured":"E. Eilam and E. J. Chikofsky. 200 5. Reversing: secrets of reverse engineering. Wiley. E. Eilam and E. J. Chikofsky. 2005. Reversing: secrets of reverse engineering. Wiley.","journal-title":"J. Chikofsky."},{"key":"e_1_3_2_1_10_1","series-title":"Lecture Notes in Computer Science","volume-title":"Information Security, Xuejia Lai, Jianying Zhou, and Hui Li (Eds.)","author":"Fang Hui","unstructured":"Hui Fang , Yongdong Wu , Shuhong Wang , and Yin Huang . 2011. Multi-stage Binary Code Obfuscation Using Improved Virtual Machine . In Information Security, Xuejia Lai, Jianying Zhou, and Hui Li (Eds.) . Lecture Notes in Computer Science , Vol. 7001 . Springer Berlin Heidelberg , 168--181. Hui Fang, Yongdong Wu, Shuhong Wang, and Yin Huang. 2011. Multi-stage Binary Code Obfuscation Using Improved Virtual Machine. In Information Security, Xuejia Lai, Jianying Zhou, and Hui Li (Eds.). Lecture Notes in Computer Science, Vol. 7001. Springer Berlin Heidelberg, 168--181."},{"key":"e_1_3_2_1_11_1","volume-title":"IDA Pro Plug-in Contest","author":"Guilfanov Ilfak","year":"2016","unstructured":"Ilfak Guilfanov . 2016. IDA Pro Plug-in Contest 2016 . (2016). https:\/\/www.hex-rays.com\/contests\/2016\/index.shtml, accessed on 23. March 2017. Ilfak Guilfanov. 2016. IDA Pro Plug-in Contest 2016. (2016). https:\/\/www.hex-rays.com\/contests\/2016\/index.shtml, accessed on 23. March 2017."},{"key":"e_1_3_2_1_12_1","volume-title":"Automatic binary deobfuscation. Journal in Computer Virology","author":"Guillot Yoann","year":"2010","unstructured":"Yoann Guillot and Alexandre Gazet . 2010. Automatic binary deobfuscation. Journal in Computer Virology ( 2010 ). Yoann Guillot and Alexandre Gazet. 2010. Automatic binary deobfuscation. Journal in Computer Virology (2010)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314399"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2012.16"},{"key":"e_1_3_2_1_15_1","volume-title":"Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Pearson Education.","author":"Nagra Jasvir","year":"2009","unstructured":"Jasvir Nagra and Christian Collberg . 2009 . Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Pearson Education. Jasvir Nagra and Christian Collberg. 2009. Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Pearson Education."},{"key":"e_1_3_2_1_16_1","volume-title":"Inside the Jaws of Trojan.Clampi. (2009). https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/inside_trojan_clampi.pdf, accessed on 17","author":"Nicolas Falliere Eric Chien","year":"2016","unstructured":"Eric Chien Nicolas Falliere , Patrick Fitzgerald . 2009. Inside the Jaws of Trojan.Clampi. (2009). https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/inside_trojan_clampi.pdf, accessed on 17 . October 2016 . Eric Chien Nicolas Falliere, Patrick Fitzgerald. 2009. Inside the Jaws of Trojan.Clampi. (2009). https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/inside_trojan_clampi.pdf, accessed on 17. October 2016."},{"key":"e_1_3_2_1_17_1","unstructured":"Oreans Technologies. 2016. Themida. (2016). http:\/\/www.oreans.com accessed on 10. March 2017.  Oreans Technologies. 2016. Themida. (2016). http:\/\/www.oreans.com accessed on 10. March 2017."},{"key":"e_1_3_2_1_18_1","volume-title":"Countering polymorphic malicious computer code through code optimization. (Nov. 24","author":"Perriot Frederic","year":"2009","unstructured":"Frederic Perriot . 2009. Countering polymorphic malicious computer code through code optimization. (Nov. 24 2009 ). US Patent 7,624,449. Frederic Perriot. 2009. Countering polymorphic malicious computer code through code optimization. (Nov. 24 2009). US Patent 7,624,449."},{"key":"e_1_3_2_1_19_1","unstructured":"Jason Raber. 2013. Virtual Deobfuscator -- a DARPA Cyber Fast Track funded effort. (2013). http:\/\/www.cerosecurity.com\/blackhat-usa-2013-presentaciones-y-diapositivas\/ accessed on 10. March 2017.  Jason Raber. 2013. Virtual Deobfuscator -- a DARPA Cyber Fast Track funded effort. (2013). http:\/\/www.cerosecurity.com\/blackhat-usa-2013-presentaciones-y-diapositivas\/ accessed on 10. March 2017."},{"key":"e_1_3_2_1_20_1","unstructured":"Babak Bashari Rad Maslin Masrom and Suhaimi Ibrahim. 2012. Camouflage in malware: from encryption to metamorphism. In International Journal of Computer Science and Network Security. 74--83.  Babak Bashari Rad Maslin Masrom and Suhaimi Ibrahim. 2012. Camouflage in malware: from encryption to metamorphism. In International Journal of Computer Science and Network Security. 74--83."},{"key":"e_1_3_2_1_21_1","unstructured":"Rolf Rolles. 2007. Defeating HyperUnpackMe2. (2007). http:\/\/www.openrce.org\/articles\/full_view\/28 accessed on 10. March 2017.  Rolf Rolles. 2007. Defeating HyperUnpackMe2. (2007). http:\/\/www.openrce.org\/articles\/full_view\/28 accessed on 10. March 2017."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855876.1855877"},{"key":"e_1_3_2_1_23_1","unstructured":"Shared Encyclopedia. 2016. VMProtect Logical instruction. (2016). http:\/\/et97.com\/view\/1281031.htm accessed on 10. March 2017.  Shared Encyclopedia. 2016. VMProtect Logical instruction. (2016). http:\/\/et97.com\/view\/1281031.htm accessed on 10. March 2017."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.27"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Yan Shoshitaishvili Ruoyu Wang Christopher Salls Nick Stephens Mario Polino Andrew Dutcher John Grosen Siji Feng Christophe Hauser Christopher Kruegel and Giovanni Vigna. 2016. SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis. (2016).  Yan Shoshitaishvili Ruoyu Wang Christopher Salls Nick Stephens Mario Polino Andrew Dutcher John Grosen Siji Feng Christophe Hauser Christopher Kruegel and Giovanni Vigna. 2016. SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis. (2016).","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the RECON 2008, Reverse Engineering Conference. Neohapsis, Inc.","author":"Smith Craig","year":"2008","unstructured":"Craig Smith . 2008 . Creating Code Obfuscation Virtual Machines . In Proceedings of the RECON 2008, Reverse Engineering Conference. Neohapsis, Inc. Craig Smith. 2008. Creating Code Obfuscation Virtual Machines. In Proceedings of the RECON 2008, Reverse Engineering Conference. Neohapsis, Inc."},{"volume-title":"Virtual machines: versatile platforms for systems and processes","author":"Smith Jim","key":"e_1_3_2_1_27_1","unstructured":"Jim Smith and Ravi Nair . 2005. Virtual machines: versatile platforms for systems and processes . Elsevier . Jim Smith and Ravi Nair. 2005. Virtual machines: versatile platforms for systems and processes. Elsevier."},{"key":"e_1_3_2_1_28_1","volume-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution.","author":"Stephens Nick","year":"2016","unstructured":"Nick Stephens , John Grosen , Christopher Salls , Andrew Dutcher , Ruoyu Wang , Jacopo Corbetta , Yan Shoshitaishvili , Christopher Kruegel , and Giovanni Vigna . 2016 . Driller: Augmenting Fuzzing Through Selective Symbolic Execution. (2016). Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting Fuzzing Through Selective Symbolic Execution. (2016)."},{"key":"e_1_3_2_1_29_1","unstructured":"VMPSoft. 2016. VMProtect. (2016). http:\/\/www.vmpsoft.com accessed on 10. March 2017.  VMPSoft. 2016. VMProtect. (2016). http:\/\/www.vmpsoft.com accessed on 10. March 2017."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.47"}],"event":{"name":"ARES '17: International Conference on Availability, Reliability and Security","acronym":"ARES '17","location":"Reggio Calabria Italy"},"container-title":["Proceedings of the 12th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3098954.3098995","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3098954.3098995","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:37:25Z","timestamp":1750217845000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3098954.3098995"}},"subtitle":["Deobfuscating Virtualization-Based Packed Binaries"],"short-title":[],"issued":{"date-parts":[[2017,8,29]]},"references-count":29,"alternative-id":["10.1145\/3098954.3098995","10.1145\/3098954"],"URL":"https:\/\/doi.org\/10.1145\/3098954.3098995","relation":{},"subject":[],"published":{"date-parts":[[2017,8,29]]},"assertion":[{"value":"2017-08-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}