Encoding is the act of converting data into a new format. It’s used for tasks such as efficiently transporting data, ensuring interoperability between protocols or applications, and compressing and storing data. Malware authors also use encoding to obfuscate data and code that shouldn’t be seen by analysts or host and network defenses. Encryption, which shares similarities with encoding, is a way to protect sensitive data in transit or at rest. Malware can use encryption for many reasons, including obfuscating sensitive data in memory such as command and control (C2) information. In addition to defense evasion, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.
