Wang, Xinyuan
Farley, Ryan Joseph
2015-07-29
2015-07-29
2015
https://hdl.handle.net/1920/9697

Malware analysis, forensics, and reverse engineering reveal a deeper understanding of the inner workings of malware and the mechanics behind attack detection, which enables us to develop better defenses against increasingly sophisticated malware. Despite its inherent value, the current state of forensic analysis requires notable manual effort due to various obfuscation techniques used by malware. In this work, we investigate how to automate forensic analysis of obfuscated malware and develop novel tools that can automatically pinpoint and recover hidden, obfuscated malicious code within memory dumps and network traffic captures. Our tool also helps to identify the vulnerable data structure within the exploited binary executable.

160 pages
en
Copyright 2015 Ryan Joseph Farley
Computer science; Computer engineering; Code Extraction; Data-flow Analysis; Dynamic Analysis; Malware Forensics; Obfuscated Shellcode; Selective Symbolic Execution
Toward Automated Forensic Analysis of Obfuscated Malware
Dissertation