
Vizsec 2009: Visualizing Compiled Executables for Malware Analysis

The Vizsec 2009 program looks to be pretty exciting this year. Please join us in Atlantic City, New Jersey; I will be presenting more visualization techniques for malware. I'm presenting a paper titled "Visualizing Compiled Executables for Malware Analysis." I hope to see you there.

Visualizing Compiled Executables for Malware Analysis PDF - This won best paper at the workshop.

Abstract

Reverse engineering compiled executables is a task with a steep learning curve. It is complicated by the task of translating assembly into a series of abstractions that represent the overall flow of a program. Most of the steps involve finding interesting areas of an executable and determining their overall functionality. This paper presents a method using dynamic analysis of program execution to visually represent the overall flow of a program. We use the Ether hypervisor framework to covertly monitor a program. The data is processed and presented for the reverse engineer. Using this method the amount of time needed to extract key features of an executable is greatly reduced, improving productivity. A preliminary user study indicates that the tool is useful for both new and experienced users.

Any updates from the conference?

Do we have any updates from the Vizsec 2009?

Regards,
VLD.

I updated the page with the

I updated the page with the paper.

Thanks

Thanks for the update.