Static detection of application backdoors
- First Online:
- Cite this article as:
- Wysopal, C., Eng, C. & Shields, T. DuD (2010) 34: 149. doi:10.1007/s11623-010-0024-4
Backdoors in legitimate software, whether maliciously inserted or carelessly introduced, are a risk that should be detected prior to the affected software or system being deployed. Automated static analysis of executable code can detect many classes of malicious behavior. This paper will cover the techniques that can be employed to detect special credentials, hidden commands, information leakage, rootkit behavior, anti-debugging, and time bombs.