Abstract
Static analysis tools have improved significantly in recent years with advances in intermediate representations, symbolic execution, constraint solving, control flow recovery, and static data flow analysis. Scripting of static analysis has improved at an even faster pace, with new APIs allowing easy access to extend or modify the building blocks that static analysis tools are built upon.One of code obfuscation's common goals is to make it more difficult for a reverse engineer to analyze or understand the code. With today's more powerful static analysis tools, what code obfuscation techniques are still effective against static reverse engineering, and which are now easy to remove?This talk first explores how modern static analysis tools analyze binary code. An overview of how these tools recover a program's control flow from a binary is presented, as well as a look at the analysis features that are available to scripts built upon them.Various obfuscation techniques are then discussed to explore the impact of modern static analysis tools on them. Such impacts include, obfuscation techniques that have been defeated by modern tools;scripting features that have made some obfuscation techniques easier to remove;obfuscation techniques that are still difficult for static analysis to resolve;code patterns that remain difficult to analyze, even with an expert reverse engineer interacting with the tool.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
