
Runtime Packer Testing Experiences


Maik Morgenstern & Andreas Marx, AV-Test.org, Germany


Runtime packers challenge AV engines and their unpacking modules. This presentation will focus on how to properly test different aspects of the unpacking engines and will show common problems we at AV-Test.org found during regular testing. These include, but are not limited to, performance (e.g. scan speed of packed vs. unpacked files), security vulnerabilities (including exploitable heap, stack and buffer overflows), denial-of-service conditions (hangs), crashes, false positive rates (caused by improper blacklisting of packers) and other kinds of misdetections. Suggestions will be made on how to avoid the biggest problems in the future development of AV and other security products.