Software fingerprinting for automated assembly code analysis / P. Charland. : D68-2/27-2015E-PDF

With the revolution in information technology, the dependence of the Canadian Armed Forces (CAF) on their information systems continues to grow. While information systems-based assets confer a distinct advantage, they also make the CAF vulnerable if adversaries interfere with those. Unfortunately, the technology required to disrupt and damage an information system through malicious software (malware) is far less sophisticated and expensive than the amount of investment required to create the system. To understand and mitigate this threat, reverse engineering has to be performed to analyze malware. However, software reverse engineering is a manually intensive and time-consuming process. The learning curve to master it is quite steep and once mastered, the process is hindered when anti-reverse engineering techniques are used. This results in the very few available reverse engineers being quickly saturated. This Scientific Report describes new approaches to accelerate the reverse engineering process of malware. The goal is to reduce redundant analysis efforts by automating the identification of code fragments which reuse (i) previously analyzed assembly code or (ii) open source code publicly available.

Lien permanent pour cette publication :
publications.gc.ca/pub?id=9.807445&sl=1

• Format MARC XML
• Format MARC HTML

Demander des formats alternatifs