首页>
外国专利>
SYSTEM AND METHOD FOR BYPASSING EVASION TESTS WITH APPLICATIONS IN ANALYSIS AND MONITORING OF MOBILE APPLICATIONS
SYSTEM AND METHOD FOR BYPASSING EVASION TESTS WITH APPLICATIONS IN ANALYSIS AND MONITORING OF MOBILE APPLICATIONS
展开▼
机译:绕过评估测试的系统和方法及其在移动应用程序的分析和监视中的应用
展开▼
页面导航
摘要
著录项
相似文献
摘要
A given program is said to be evasive when it performs different behaviors under different running conditions. In general, the aim of evasion is to make the analysis, monitoring or reverse engineering of the given software system harder for an analyzer. Evasion is largely used by malware to increase its effectiveness. Aspects of the invention include a system, method and computer program product to detect and bypass evasion mechanisms for software analysis. Given a set of fingerprinting sources and a program, we first search for evasion candidates. These are program slices where the data depending on fingerprinting sources is used at branching point. In a second step, instrumentation strategies are applied to generate programs where the combination of possible branches is forced via toggling of return values and/or expression values. Finally, the resulting programs are each executed dynamically to monitor deltas between observed behaviors across the original and instrumented versions.
展开▼