Differential analysis on dynamic binary and its application in malicious code analysis
动态指令流差分分析在恶意软件分析中的应用*

Static binary analysis methods cannot meet the demand for malicious code analysis, and the traditional dynamic analysis approaches cannot effectively find the critical information among the huge amount of dynamic binary code. This paper gave a kind of differential analysis approach on dynamic binary code and provided its model and method. This approach could effectively extract the sensitive information from malicious code and make the function module or data spread understood. Finally, it provided an experiment based on differential binary analysis system, which validated the capability and efficiency of the approach.