Research on New PE File Packer and Shelling Methods
- DOI
- 10.2991/icismme-15.2015.410How to use a DOI?
- Keywords
- PE file; Packer; Shelling; Virtual machine
- Abstract
The full name of PE file is Portable Executable file. The common EXE, DLL, OCX, SYS and COM documents are all PE files. File packer is a necessary means of application authors usually use to protect copyrights, but it can be used by many malicious softwares to avoid the detection of anti-virus softwares. Common shelling softwares usually deal with these programs by finding the feature codes of the targeted packer files, while directional shelling softwares usually find by specified features which have already been concluded by Network Security engineers, However, with the development of shell protection, more and more shell applications can’t be processed by common shelling softwares as well as directional shelling softwares .To solve the threat of these malicious softwares, new shelling methods must be developed. The paper introduces new shelling and packing ways, and focuses on introducing principals and applications of these techniques.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Xiaoyu Liu AU - Haichen Zhu PY - 2015/07 DA - 2015/07 TI - Research on New PE File Packer and Shelling Methods BT - Proceedings of the First International Conference on Information Sciences, Machinery, Materials and Energy PB - Atlantis Press SP - 1991 EP - 1995 SN - 1951-6851 UR - https://doi.org/10.2991/icismme-15.2015.410 DO - 10.2991/icismme-15.2015.410 ID - Liu2015/07 ER -