Toward Automated Forensic Analysis of Obfuscated Malware
| dc.contributor.advisor | Wang, Xinyuan | |
| dc.contributor.author | Farley, Ryan Joseph | |
| dc.creator | Farley, Ryan Joseph | |
| dc.date.accessioned | 2015-07-29T18:42:49Z | |
| dc.date.available | 2015-07-29T18:42:49Z | |
| dc.date.issued | 2015 | |
| dc.description.abstract | Malware analysis, forensics, and reverse engineering reveal a deeper understanding of the inner workings of malware and the mechanics behind attack detection, which enables us to develop better defenses against increasingly sophisticated malware. Despite its inherent value, the current state of forensic analysis requires notable manual effort due to various obfuscation techniques used by malware. In this work, we investigate how to automate forensic analysis of obfuscated malware and develop novel tools that can automatically pinpoint and recover hidden, obfuscated malicious code within memory dumps and network traffic captures. Our tool also helps to identify the vulnerable data structure within the exploited binary executable. | |
| dc.format.extent | 160 pages | |
| dc.identifier.uri | https://hdl.handle.net/1920/9697 | |
| dc.language.iso | en | |
| dc.rights | Copyright 2015 Ryan Joseph Farley | |
| dc.subject | Computer science | |
| dc.subject | Computer engineering | |
| dc.subject | Code Extraction | |
| dc.subject | Data-flow Analysis | |
| dc.subject | Dynamic Analysis | |
| dc.subject | Malware Forensics | |
| dc.subject | Obfuscated Shellcode | |
| dc.subject | Selective Symbolic Execution | |
| dc.title | Toward Automated Forensic Analysis of Obfuscated Malware | |
| dc.type | Dissertation | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | George Mason University | |
| thesis.degree.level | Doctoral |
Files
Original bundle
1 - 1 of 1