- Title
- Towards a Sandbox for the Deobfuscation and Dissection of PHP Malware
- Creator
- Wrench, Peter M
- Creator
- Irwin, Barry V W
- Subject
- To be catalogued
- Date Issued
- 2014
- Date
- 2014
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/429700
- Identifier
- vital:72633
- Identifier
- 10.1109/ISSA.2014.6950504
- Description
- The creation and proliferation of PHP-based Remote Access Trojans (or web shells) used in both the compromise and post exploitation of web platforms has fuelled research into automated methods of dissecting and analysing these shells. Current malware tools disguise themselves by making use of obfuscation techniques designed to frustrate any efforts to dissect or reverse engineer the code. Advanced code engineering can even cause malware to behave differently if it detects that it is not running on the system for which it was originally targeted. To combat these defensive techniques, this paper presents a sandbox-based environment that aims to accurately mimic a vulnerable host and is capable of semi-automatic semantic dissection and syntactic deobfuscation of PHP code.
- Format
- 8 pages
- Language
- English
- Relation
- Information Security for South Africa
- Relation
- Wrench, P.M. and Irwin, B.V., 2014, August. Towards a Sandbox for the Deobfuscation and Dissection of PHP Malware. In 2014 Information Security for South Africa (pp. 1-8). IEEE
- Relation
- Information Security for South Africa volume 2014 number 1 1 8 2014 2330-9881
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)
File | Description | Size | Format
---|---|---|---
SOURCE1 | Towards a Sandbox for the Deobfuscation and Dissection of PHP Malware.pdf | 631 KB | Adobe Acrobat PDF