A sandbox-based approach to the deobfuscation and dissection of php-based malware

Wrench, Peter M; Irwin, Barry V W

Title: A sandbox-based approach to the deobfuscation and dissection of php-based malware
Creator: Wrench, Peter M, Irwin, Barry V W
Date: 2015
Type: text
Type: article
Identifier: http://hdl.handle.net/10962/429258
Identifier: vital:72571
Identifier: 10.23919/SAIEE.2015.8531886
Description: The creation and proliferation of PHP-based Remote Access Trojans (or web shells) used in both the compromise and post exploitation of web platforms has fuelled research into automated methods of dissecting and analysing these shells. Current malware tools disguise themselves by making use of obfuscation techniques designed to frustrate any efforts to dissect or reverse engineer the code. Advanced code engineering can even cause malware to behave differently if it detects that it is not running on the system for which it was originally targeted. To combat these defensive techniques, this paper presents a sandbox-based environment that aims to accurately mimic a vulnerable host and is capable of semi-automatic semantic dissection and syntactic deobfuscation of PHP code.
Format: 18 pages, pdf
Language: English
Relation: Saiee Africa Research Journal, Wrench, P. and Irwin, B., 2015. A sandbox-based approach to the deobfuscation and dissection of php-based malware. Saiee Africa Research Journal, 106(2), pp.46-63, Saiee Africa Research Journal volume 106 number 2 46 63 2015 1991-1696
Rights: Publisher
Rights: Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)

Hits: 78
Visitors: 80
Downloads: 6

Collections

Irwin, Barry V W (Prof)

RU Department of Computer Science

SDG 09. Industry, Innovation and Infrastructure

		Thumbnail	File	Description	Size	Format
View Details Download			SOURCE1	A sandbox-based approach to the deobfuscation and dissection of php-based malware.pdf	675 KB	Adobe Acrobat PDF	View Details Download