{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T22:22:24Z","timestamp":1730326944213,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":69,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607214","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"471-484","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Xunpack: Cross-Architecture Unpacking for Linux IoT Malware"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0009-0005-9310-0493","authenticated-orcid":false,"given":"Yuhei","family":"Kawakoya","sequence":"first","affiliation":[{"name":"NTT Security (Japan) KK, Japan"}]},{"ORCID":"http:\/\/orcid.org\/0009-0006-1525-9789","authenticated-orcid":false,"given":"Shu","family":"Akabane","sequence":"additional","affiliation":[{"name":"Kanagawa Institute of Technology, Japan"}]},{"ORCID":"http:\/\/orcid.org\/0009-0003-8640-7089","authenticated-orcid":false,"given":"Makoto","family":"Iwamura","sequence":"additional","affiliation":[{"name":"NTT Security (Japan) KK, Japan"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-1898-6248","authenticated-orcid":false,"given":"Takeshi","family":"Okamoto","sequence":"additional","affiliation":[{"name":"Kanagawa Institute of Technology, Japan"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Aris Adamantiadis. 2022. Midgetpack. 
Retrieved 2023-03-29 from https:\/\/github.com\/arisada\/midgetpack"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2021.09.291"},{"volume-title":"The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle. In 30th USENIX Security Symposium (USENIX Security 21)","year":"2021","author":"Alrawi Omar","key":"e_1_3_2_1_3_1","unstructured":"Omar Alrawi, Charles Lever, Kevin Valakuzhy, Ryan Court, Kevin Snow, Fabian Monrose, and Manos Antonakakis. 2021. The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3505\u20133522. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/alrawi-circle"},{"volume-title":"Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17)","year":"2017","author":"Antonakakis Manos","key":"e_1_3_2_1_4_1","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J.\u00a0Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 1093\u20131110. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis"},{"key":"e_1_3_2_1_5_1","unstructured":"asus. 2023. ELF-Encrypter home page. 
Retrieved 2023-03-29 from http:\/\/elf-encrypter.sourceforge.net\/"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3182657"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1247360.1247401"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972556"},{"volume-title":"Pandora\u2019s Bochs: Automatic Unpacking of Malware. Ph.\u00a0D. Dissertation.","year":"2008","author":"Bohne Lutz","key":"e_1_3_2_1_10_1","unstructured":"Lutz Bohne. 2008. Pandora\u2019s Bochs: Automatic Unpacking of Malware. Ph.\u00a0D. Dissertation. Mannheim, Germany."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813627"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-020-00348-w"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243771"},{"key":"e_1_3_2_1_14_1","unstructured":"Shaun Clowes and Neel Mehta. 2003. Advanced in ELF Runtime Binary Encryption - Shiva."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313808.3313811"},{"volume-title":"39th IEEE Symposium on Security and Privacy","year":"2018","author":"Cozzi Emanuele","key":"e_1_3_2_1_16_1","unstructured":"Emanuele Cozzi, Mariano Graziano, Yanick Fratantonio, and Davide Balzarotti. 2018. Understanding Linux malware. In S&P 2018, 39th IEEE Symposium on Security and Privacy, May 21-23, 2018, San Francisco, CA, USA, IEEE (Ed.). San Francisco."},{"volume-title":"PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis. In NDSS Workshop on Binary Analysis Research (BAR). Virtual Event","year":"2021","author":"Craig Luke","key":"e_1_3_2_1_17_1","unstructured":"Luke Craig, Andrew Fasano, Tiemoko Ballo, Tim Leek, Brendan Dolan-Gavitt, and William Robertson. 2021. PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis. 
In NDSS Workshop on Binary Analysis Research (BAR). Virtual Event, San Diego, CA. https:\/\/messlab.moyix.net\/papers\/pypanda_bar21.pdf"},{"volume-title":"Unicorn: Next Generation CPU Emulator Framework.","year":"2015","author":"Dang Hoang-Vu","key":"e_1_3_2_1_18_1","unstructured":"Hoang-Vu Dang and Anh-Quynh Nguyen. 2015. Unicorn: Next Generation CPU Emulator Framework."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2843859.2843867"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2089125.2089126"},{"key":"e_1_3_2_1_22_1","unstructured":"elfmaster. 2023. maya. Retrieved 2023-03-29 from https:\/\/github.com\/elfmaster\/maya"},{"key":"e_1_3_2_1_23_1","unstructured":"elfmaster. 2023. Sherlocked v3. Retrieved 2023-03-29 from https:\/\/github.com\/elfmaster\/sherlocked"},{"key":"e_1_3_2_1_24_1","unstructured":"Jerry Gamblin. 2022. Mirai BotNet. Retrieved 2023-03-29 from https:\/\/github.com\/jgamblin\/Mirai-Source-Code"},{"key":"e_1_3_2_1_25_1","unstructured":"grugq. 2023. Armouring the ELF: Binary encryption on the UNIX platform. Retrieved 2023-03-29 from http:\/\/phrack.org\/issues\/58\/5.html"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","unstructured":"Fanglu Guo Peter Ferrie and tzi-cker Chiueh. 2008. A Study of the Packer Problem and Its Solutions Vol.\u00a05230. 98\u2013115. https:\/\/doi.org\/10.1007\/978-3-540-87403-4_6","DOI":"10.1007\/978-3-540-87403-4_6"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2610384.2610407"},{"key":"e_1_3_2_1_28_1","unstructured":"Hex-Rays. 2023. State-of-the-art binary code analysis tools. Retrieved 2023-03-29 from https:\/\/www.hex-rays.com\/"},{"key":"e_1_3_2_1_29_1","unstructured":"Tim Hsu. 2023. elfuck. 
Retrieved 2023-03-29 from https:\/\/github.com\/timhsutw\/elfuck"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/icc.2011.5963469"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314399"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655148.1655151"},{"volume-title":"2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM). 143\u2013151","year":"2021","author":"Kato Seiya","key":"e_1_3_2_1_33_1","unstructured":"Seiya Kato, Rui Tanabe, Katsunari Yoshioka, and Tsutomu Matsumoto. 2021. Adaptive Observation of Emerging Cyber Attacks targeting Various IoT Devices. In 2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM). 143\u2013151."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41284-4_7"},{"key":"e_1_3_2_1_35_1","unstructured":"David Korczynski. 2019. Precise system-wide concatic malware unpacking. arxiv:1908.09204\u00a0[cs.CR]"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134099"},{"volume-title":"Bochs: A Portable PC Emulator for Unix\/X. Linux J.","year":"1996","author":"Lawton P.","key":"e_1_3_2_1_37_1","unstructured":"Kevin\u00a0P. Lawton. 1996. Bochs: A Portable PC Emulator for Unix\/X. Linux J. 1996, 29es (sep 1996), 7\u2013es."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"volume-title":"Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem. In Network and Distributed System Security (NDSS) Symposium","year":"2020","author":"Mantovani Alessandro","key":"e_1_3_2_1_39_1","unstructured":"Alessandro Mantovani, Simone Aonzo, Xabier-Ugarte Pedrero, Alessio Merlo, and Davide Balzarotti. 2020. Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem. 
In Network and Distributed System Security (NDSS) Symposium (San Diego (USA)) (NDSS 20)."},{"key":"e_1_3_2_1_40_1","unstructured":"Sebastiano Mariani Lorenzo Fontana Fabio Gritti and Stefano D\u2019Alessio. 2016. PinDemonium: a DBI-based generic unpacker for Windows executables."},{"key":"e_1_3_2_1_41_1","unstructured":"marin m. 2023. vmlinux-to-elf. Retrieved 2023-03-29 from https:\/\/github.com\/marin-m\/vmlinux-to-elf"},{"volume-title":"Fast, Generic, and Safe Unpacking of Malware","year":"2007","author":"Martignoni Lorenzo","key":"e_1_3_2_1_42_1","unstructured":"Lorenzo Martignoni, Mihai Christodorescu, and Somesh Jha. 2007. OmniUnpack: Fast, Generic, and Safe Unpacking of Malware.. In ACSAC. IEEE Computer Society, 431\u2013441. http:\/\/dblp.uni-trier.de\/db\/conf\/acsac\/acsac2007.html#MartignoniCJ07"},{"volume-title":"MIPS Architecture For Programmers","author":"MIPS.","key":"e_1_3_2_1_43_1","unstructured":"MIPS. 2015. MIPS Architecture For Programmers Vol. III: MIPS32 microMIPS32 Privileged Resource Architecture. MIPS."},{"key":"e_1_3_2_1_44_1","unstructured":"Marc-Etienne M.L\u00e9veill\u00e9. 2015. Unboxing Linux\/Mumblehard. Retrieved 2023-03-29 from https:\/\/www.welivesecurity.com\/wp-content\/uploads\/2015\/04\/mumblehard.pdf"},{"volume-title":"IoTPOT: Analysing the Rise of IoT Compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15)","year":"2015","author":"Minn\u00a0Pa Pa Yin","key":"e_1_3_2_1_45_1","unstructured":"Yin Minn\u00a0Pa Pa, Shogo Suzuki, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, and Christian Rossow. 2015. IoTPOT: Analysing the Rise of IoT Compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15). 
USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/woot15\/workshop-program\/presentation\/pa"},{"volume-title":"Proceedings of the 23rd USENIX Conference on Security Symposium","year":"2014","author":"Peng Fei","key":"e_1_3_2_1_46_1","unstructured":"Fei Peng, Zhui Deng, Xiangyu Zhang, Dongyan Xu, Zhiqiang Lin, and Zhendong Su. 2014. X-Force: Force-Executing Binary Programs for Security Applications. In Proceedings of the 23rd USENIX Conference on Security Symposium (San Diego, CA) (SEC\u201914). USENIX Association, USA, 829\u2013844."},{"key":"e_1_3_2_1_47_1","unstructured":"picoFlamingo. 2023. PoCrypt. Proof Of Concept Crypter. Retrieved 2023-03-29 from https:\/\/github.com\/picoflamingo\/pocrypt"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Mario Polino Andrea Continella Sebastiano Mariani Stefano D\u2019Alessio Lorenzo Fontana Fabio Gritti and Stefano Zanero. 2017. Measuring and Defeating Anti-Instrumentation-Equipped Malware. In DIMVA.","DOI":"10.1007\/978-3-319-60876-1_4"},{"volume-title":"Covert Debuging: Circumventing Software Armoring Techniques.","year":"2007","author":"Quist Danny","key":"e_1_3_2_1_49_1","unstructured":"Danny Quist and Valsmith. 2007. Covert Debuging: Circumventing Software Armoring Techniques."},{"key":"e_1_3_2_1_50_1","unstructured":"Daniel Roberson. 2023. ELFcrypt. Retrieved 2023-03-29 from https:\/\/github.com\/droberson\/ELFcrypt"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855876.1855877"},{"volume-title":"PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware","year":"2006","author":"Royal Paul","key":"e_1_3_2_1_52_1","unstructured":"Paul Royal, Mitch Halpin, David Dagon, Robert Edmonds, and Wenke Lee. 2006. PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware.. In ACSAC. IEEE Computer Society, 289\u2013300. 
http:\/\/dblp.uni-trier.de\/db\/conf\/acsac\/acsac2006.html#RoyalHDEL06"},{"key":"e_1_3_2_1_53_1","unstructured":"Rhys Rustad-Elliott. 2023. Kiteshield. Retrieved 2023-03-29 from https:\/\/github.com\/GunshipPenguin\/kiteshield"},{"volume-title":"Eureka: A Framework for Enabling Static Malware Analysis. In Computer Security - ESORICS","year":"2008","author":"Sharif Monirul","key":"e_1_3_2_1_54_1","unstructured":"Monirul Sharif, Vinod Yegneswaran, Hassen Saidi, Phillip Porras, and Wenke Lee. 2008. Eureka: A Framework for Enabling Static Malware Analysis. In Computer Security - ESORICS 2008, Sushil Jajodia and Javier Lopez (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 481\u2013500."},{"key":"e_1_3_2_1_55_1","unstructured":"skape. 2008. Using dual-mappings to evade automated unpackers. Retrieved 2023-03-29 from http:\/\/www.uninformed.org\/?v=10&a=1&t=pdf"},{"key":"e_1_3_2_1_56_1","unstructured":"Joe Stewart. 2023. Unpacking with OllyBonE. Retrieved 2023-03-29 from http:\/\/www.openrce.org\/downloads\/details\/224\/OllyBone"},{"key":"e_1_3_2_1_57_1","unstructured":"teso. 2023. burneye encryption program 1.0.1. Retrieved 2023-03-29 from https:\/\/packetstormsecurity.com\/"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.46"},{"volume-title":"Available Dataset: Dataset-1 (IoT honeypot: Malware binaries). Retrieved 2023-06-28 from https:\/\/sec.ynu.codes\/iot\/available_datasets","year":"2023","author":"YOKOHAMA\u00a0National University.","key":"e_1_3_2_1_59_1","unstructured":"YOKOHAMA\u00a0National University. 2023. Available Dataset: Dataset-1 (IoT honeypot: Malware binaries). Retrieved 2023-06-28 from https:\/\/sec.ynu.codes\/iot\/available_datasets"},{"key":"e_1_3_2_1_60_1","unstructured":"UPX. 2023. the Ultimate Packer for eXecutables. Retrieved 2023-03-29 from https:\/\/github.com\/upx"},{"key":"e_1_3_2_1_61_1","unstructured":"VMProtect. 2023. VMProtect. 
Retrieved 2023-03-29 from http:\/\/vmpsoft.com\/"},{"key":"e_1_3_2_1_62_1","unstructured":"Zeljko Vrba. 2004. cryptexec: runtime binary encryption using on-demand function extraction. Retrieved 2023-03-29 from http:\/\/zvrba.net\/downloads\/cryptexec.pdf"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.21"},{"key":"e_1_3_2_1_64_1","unstructured":"Thiebaud Weksteen. 2023. oplzkwp. Retrieved 2023-03-29 from https:\/\/github.com\/tweksteen"},{"volume-title":"Architecture-Independent Dynamic Information Flow Tracking","author":"Whelan Ryan","key":"e_1_3_2_1_65_1","unstructured":"Ryan Whelan, Tim Leek, and David Kaeli. 2013. Architecture-Independent Dynamic Information Flow Tracking. In Compiler Construction, Ranjit Jhala and Koen De\u00a0Bosschere (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 144\u2013163."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420980"},{"key":"e_1_3_2_1_67_1","article-title":"Taint-assisted IAT Reconstruction against Position Obfuscation","volume":"59","author":"Yuhei Kawakoya","year":"2018","unstructured":"Kawakoya Yuhei, Iwamura Makoto, and Miyoshi Jun. 2018. Taint-assisted IAT Reconstruction against Position Obfuscation. Journal of Information Processing 59, 12 (12 2018). https:\/\/cir.nii.ac.jp\/crid\/1050001337909753344","journal-title":"Journal of Information Processing"},{"key":"e_1_3_2_1_68_1","unstructured":"Zeropoint Dynamics LLC. 2023. Zelos. Retrieved 2023-03-29 from https:\/\/github.com\/zeropointdynamics\/zelos"},{"key":"e_1_3_2_1_69_1","unstructured":"Albert Zsigovits. 2023. UPX Anti-Unpacking Techniques in IoT Malware. 
Retrieved 2023-03-29 from https:\/\/cujo.com\/upx-anti-unpacking-techniques-in-iot-malware\/"}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607214","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,16]],"date-time":"2024-10-16T10:34:38Z","timestamp":1729074878000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607214"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":69,"alternative-id":["10.1145\/3607199.3607214","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607214","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}