Abstract
Malware authors and attackers don’t like what we analysts do, and to dissuade us they create obstacles, otherwise known as armoring, that make the process of analyzing and detecting malware difficult. To this end, malware uses various armoring and evasion techniques. Armoring techniques are usually meant to hinder malware analysis, while evasion techniques are meant to evade antimalware tools. Most of the time there is no clear demarcation between the two, and many techniques are used in both areas. In this chapter, we discuss various armoring and evasion techniques embedded in malware that can hinder malware analysis and debugging, and how we can bypass them so that we can correctly analyze these malware samples.
Copyright information
© 2020 Abhijit Mohanta, Anoop Saldanha
About this chapter
Cite this chapter
Mohanta, A., Saldanha, A. (2020). Armoring and Evasion: The Anti-Techniques. In: Malware Analysis and Detection Engineering. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6193-4_19
DOI: https://doi.org/10.1007/978-1-4842-6193-4_19
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-6192-7
Online ISBN: 978-1-4842-6193-4
eBook Packages: Professional and Applied Computing, Professional and Applied Computing (R0), Apress Access Books