String obfuscation has become an enemy of string/pattern matching since forever. With string obfuscation tricks, string/pattern matching with no proper handling will surely return no significant results. This kind of tricks has to be taken into consideration when developing a security tool with string/pattern matching as its one of the main engine.
String concatenation with “+” or ‘+’
Analyst might need to take a proper string handling before string/pattern matching detection took place since the mentioned string obfuscation tricks above will surely evade the success of string/pattern matching –based tool. It is undoubtedly that analyst will have to give a huge effort in order for analysis tool to be useful for future usage.