16 ENCODING AND ENCRYPTION

Encoding is the act of converting data into a new format. It’s used for tasks such as efficiently transporting data, ensuring interoperability between protocols or applications, and compressing and storing data. Malware authors also use encoding to obfuscate data and code that shouldn’t be seen by analysts or host and network defenses. Encryption, which shares similarities with encoding, is a way to protect sensitive data in transit or at rest. Malware can use encryption for many reasons, including obfuscating sensitive data in memory such as command and control (C2) information. In addition to defense evasion, ...
