Differentiating Code from Data in x86 Binaries
Published on Oct 03, 2011 | 3073 Views
Robust, static disassembly is an important part of achieving high coverage for many binary code analyses, such as reverse engineering, malware analysis, reference monitor in-lining, and software fau
Chapter list
Differentiating Code from Data in X86 Binaries 00:00
Why Disassemble 00:09
Disassembling Java & RISC 01:13
Disassembling x86 (1) 01:49
Disassembling x86 (2) 02:38
Control Flow Disassembly (1) 02:57
Control Flow Disassembly (2) 03:34
Control Flow Disassembly (3) 03:55
Hidden Entrypoints 04:05
Disassembling x86 Successfully 04:40
Disassembling x86 Gone Wrong 04:57
The Solution 05:24
Instruction Reference Array 06:29
Machine Learning + x86? 07:03
Prediction by Partial Matching (PPM) 07:37
PPM Classifier 07:55
Classification Heuristics 08:15
Results 10:15
Results (eMule) 11:16
Conclusion and Future Work 12:03
ecmlpkdd2011_wartell_code_01_Page_21 13:52