Software fingerprinting for automated assembly code analysis – Project overview

Authors
  1. Charland, P.
Corporate Authors
Defence Research and Development Canada, Valcartier Research Centre, Quebec QC (CAN)
Abstract
With the revolution in information technology, the dependence of the Canadian Armed Forces (CAF) on their information systems continues to grow. While information systems-based assets confer a distinct advantage, they also make the CAF vulnerable if adversaries interfere with them. Unfortunately, the technology required to disrupt and damage an information system through malicious software (malware) is far less sophisticated and expensive than the investment required to create the system. To understand and mitigate this threat, reverse engineering has to be performed to analyze malware. However, software reverse engineering is a manually intensive and time-consuming process. The learning curve to master it is quite steep and, once mastered, the process is hindered when anti-reverse engineering techniques are used. As a result, the very few available reverse engineers are quickly saturated. This Scientific Report describes new approaches to accelerate the reverse engineering process of malware. The goal is to reduce redundant analysis efforts by automating the identification of code fragments that reuse (i) previously analyzed assembly code or (ii) publicly available open source code.

A French abstract is available here.

Keywords
software reverse engineering; malware analysis; assembly to source code matching; clone detection
Report Number
DRDC-RDDC-2015-R027 — Scientific Report
Date of publication
01 Mar 2015
Number of Pages
40
DSTKIM No
CA040055
CANDIS No
801089
Format(s):
Electronic Document (PDF)
