izpis_h1_title_alt

Statična forenzična analiza slabogramja
ID Jesenovec, Klemen (Author), ID Slivnik, Boštjan (Mentor) More about this mentor... This link opens in a new window

.pdfPDF - Presentation file, Download (2,60 MB)
MD5: 4A7D2A5C79F13568F866F001AC64873C

Abstract
Slabogramje dandanes predstavlja veliko nevarnost računalniškim sistemom po celem svetu. Da se lahko pred slabogramjem učinkovito zavarujemo, je potrebno razumeti njegovo delovanje, kar dosežemo z analizo slabogramja. V magistrski nalogi se osredotočimo na statične pristope analize slabogramja napisanega za arhitekturo x86. Predstavimo lastnosti programov napisanih za arhitekturo x86 in tehnike zmaličenja tovrstnih programov. Predstavimo nov program za obratno inženirstvo Ghidra in opišemo njegova glavna orodja. S programom Ghidra na dveh primerih slabogramja pokažemo praktično analizo slabogramja in povzamemo njuno delovanje.

Language:Slovenian
Keywords:obratno inženirstvo, obratno prevajanje, slabogramje
Work type:Master's thesis/paper
Typology:2.09 - Master's Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2022
PID:20.500.12556/RUL-134382 This link opens in a new window
COBISS.SI-ID:96305923 This link opens in a new window
Publication date in RUL:12.01.2022
Views:863
Downloads:63
Metadata:XML RDF-CHPDL DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Static forensic analysis of malware
Abstract:
Today malware represents a large threat to computer systems worldwide. To effectively defend against malware, we first need to understand its operation, which we accomplish with malware analysis. In this master's thesis, we focus on static analysis approaches written for the x86 architecture. We present properties of programs written for the x86 architecture and their obfuscation techniques. We present a new program for reverse engineering called Ghidra and describe its main tools. We show the practical analysis of two malware samples with Ghidra and summarize their behavior.

Keywords:reverse engineering, decompilation, malware

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back