
dc.contributor.advisor: Ξενάκης, Χρήστος
dc.contributor.advisor: Νταντογιάν, Χριστόφορος
dc.contributor.author: Πούλιος, Γεώργιος
dc.publisher: University of Piraeus
dc.rights: Attribution-NonCommercial-NoDerivatives 4.0 International
dc.subject: Computer security
dc.title: Advanced antivirus evasion techniques
dc.type: Master Thesis
dc.contributor.department: School of Information and Communication Technologies. Department of Digital Systems
dc.description.abstractEN: In this thesis we examine the use of Return-Oriented Programming (ROP) combined with other practices for local (i.e. infected executables on disk) antivirus evasion. ROP is considered as an alternative to crypters and packers for achieving polymorphism. The software product of this work is a tool written in Win32 C which, given any piece of shellcode and any non-packed 32-bit Portable Executable (PE) file, transforms the shellcode into its ROP equivalent and patches it into (i.e. infects) the PE file. After trying various combinations of evasion techniques, the results show that certain methods can evade nearly or completely all antivirus software employed in the online VirusTotal service. From a theoretical standpoint, the main outcomes of this research are a) the algorithms for analysis and manipulation of assembly code on the x86 instruction set (up to and excluding SSE), and b) the highlighting of common antivirus software weaknesses.
dc.contributor.master: Techno-Economic Management and Security of Digital Systems
dc.subject.keyword: Evasion techniques

Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivatives 4.0 International
