Pregled bibliografske jedinice broj: 542640
Using optimization algorithms for malware deobfuscation
Using optimization algorithms for malware deobfuscation, 2010., diplomski rad, diplomski, FER, Zagreb
CROSBI ID: 542640 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Using optimization algorithms for malware deobfuscation
Autori
Spasojević, Branko
Vrsta, podvrsta i kategorija rada
Ocjenski radovi, diplomski rad, diplomski
Fakultet
FER
Mjesto
Zagreb
Datum
06.07
Godina
2010
Stranica
34
Mentor
Golub, Marin
Neposredni voditelj
Golub, Marin
Ključne riječi
deobfuscation; optimization; assembly; malware; binary; compiler
Sažetak
Analysis of malware binaries is constantly becoming more difficult with introduction of many different types of code obfuscators. One common theme in all obfuscators is transformation of code into a complex representation. This process can be viewed as inverse of compiler optimization techniques and as such can be partially removed using optimization algorithms. This paper presents common obfuscation techniques and a process of adapting optimization algorithms for removing obfuscations. Additionally, a plug-in for the IDA Pro disassembler is presented that demonstrates usability of the proposed optimization process as well as a set of techniques to speed up the process of analyzing obfuscated code.
Izvorni jezik
Engleski
Znanstvena područja
Računarstvo
POVEZANOST RADA
Projekti:
036-0361994-1995 - Univerzalna posrednička platforma za sustave e-učenja (Glavinić, Vlado, MZO ) ( CroRIS)
036-0362980-1921 - Računalne okoline za sveprisutne raspodijeljene sustave (Srbljić, Siniša, MZO ) ( CroRIS)
Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb
Profili:
Marin Golub
(mentor)
