API Chaser: Taint-Assisted Sandbox for Evasive Malware Analysis
2019
Journal of Information Processing
We propose a design and implementation for an Application Programming Interface (API) monitoring system called API Chaser, which is resistant to evasion-type anti-analysis techniques, e.g., stolen code and code injection. The core technique in API Chaser is code tainting, which enables us to identify precisely the execution of monitored instructions by propagating three types of taint tags added to the codes of API, malware, and benign executables, respectively. Additionally, we introduce
doi:10.2197/ipsjjip.27.297
fatcat:d56up6yd2ve6rbto45rrvsimii