Research Article
All-in-One Framework for Detection, Unpacking, and Verification for Malware Analysis
Table 1
Observations and solutions for the proposed all-in-one unpacking system.
| Observation | Explanation | Solution |
| --- | --- | --- |
| No phase integration | The three unpacking-related phases are developed separately | Adopt an all-in-one approach integrating all three phases |
| No detection combination | There is no attempt to combine various existing methods for packing detection | Combine four packing detection methods to improve detection accuracy |
| No real restoration | The main goal is to find the OEP | Restore unpacked files by performing actual unpacking as well as finding the OEP |
| No unpacking verification | There is no quantitative way to verify the restoration accuracy | Present a verification algorithm to evaluate the accuracy of unpacking results |