The Study of the Anti-Debugging Techniques and their Mitigations:

Muhammad Saad; Muhammad Taseer

doi:10.54692/ijeci.2022.0603139

Muhammad Saad School of Electrical Engineering and Computer Sciences, NUST, Islamabad, Pakistan
Muhammad Taseer School of Electrical Engineering and Computer Sciences, NUST, Islamabad, Pakistan

DOI: https://doi.org/10.54692/ijeci.2022.0603139

Keywords: malware analysis, anti-debugging, anti-reversing, protectors, packers

Abstract

The major goal of this study is to provide anti-debugging and anti-reversing strategies/techniques employed by executables, DLLs, and packers/protectors, as well as to examine strategies that can be utilized to bypass or disable these protections. Anti-debugging techniques are designed to make sure that a program is not being executed inside a debugger. In most cases, the anti-debugging process slows down the reverse engineering process but doesn't stop it. This information will allow malware analysts and researchers to identify the techniques used by the malware. This information may also be used by security researchers, and reverse engineers who want to slow down the process of reverse engineering in order to add security to their software. It causes some difficulties for a reverse engineer, but, of course, nothing stops a skilled, knowledgeable, and committed reverse engineer.

The Study of the Anti-Debugging Techniques and their Mitigations

Muhammad Saad, Muhammad Taseer

Abstract