Aleksander Czarnowski, AVET Information and Network Security
The variety of shellcode forms, together with attackers' ability to generate different ones automatically, creates the need for automatic analysis and classification in order to provide proper detection and protection. The aim of this paper is to describe an automatic, generic method, based on static analysis, for handling shellcode written for different CPU architectures and operating systems. The proposed approach, built on the meta-processor idea, will be demonstrated with the help of Python-based proof-of-concept code.