超级会员免费看
本文提出DisCo,一种利用多个反汇编器集体能力的创新方法,通过集成共识提高恶意软件分析的准确性。研究显示DisCo在功能开始识别上的F1分数上超越单一最佳反汇编器17.8个百分点,并能反馈提升单个反汇编器的性能。此外,论文探讨了架构、编译器和优化选项对反汇编器性能的影响,并在Ghidra中发现并修复了一个bug。
DisCo: Combining Disassemblers for Improved Performance
RAID 2021
开源:https://github.com/gsrishaila/DisCo-Combining-Disassemblers-for-Improved-Performance/tree/main/SourceCode
abstract
Malware infects thousands of systems globally each day causing millions of dollars in damages.
Which disassembler should a maliware analyst choose in order to get the most accurate disassembly and be able to detect, analyze and defuse malware quickly?
There is no clear answer to this question: (a) the performance of disassemblers varies across configurations, and (b) most prior work on disassemblers focuses on benign software an
订阅专栏 解锁全文
扫一扫
1401
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
