
Article Information

  • Title: Methods of bypassing anti-debugging APIs for security test
  • Authors: Seung-Hwan Lee; Hyo-Jeong Shin; Hyong-Shik Kim
  • Journal: Journal of Security Engineering
  • Print ISSN: 1738-7531
  • Year of publication: 2018
  • Volume: 15
  • Issue: 1
  • Pages: 25-40
  • Publisher: SERSC
  • Abstract: The importance of detecting malwares has increased as their damages become severe, however it is much difficult to test the malwares, which are written to bypass such detection techniques. In order to test the malwares using investigation tools including debuggers, we may have to develop methods to bypass anti-debugging APIs usually found in the malwares. In this paper, we deal with such methods of bypassing anti-debugging APIs for the purpose of security test on malwares. First, we classify the anti-debugging techniques into three categories and investigate their working mechanism in high-level language. Then, we explain our four methods of bypassing anti-debugging APIs in machine instruction level. The experimental results show that our methods could effectively bypass anti-debugging APIs. The proposed methods could improve the effectiveness of malware test, if applied before the test.
  • Keywords: malicious code; anti-debugging API; security test; instruction substitution.