Malware provenance : detecting code reuse in malicious software
Detecting code reuse in software has applications in malicious code analysis and malware code search and retrieval, but is complicated by the lack of available source code. Malware Provenance examines the difficulties in detecting code reuse in malware, particularly concerning the transformative processes during compilation. The thesis proposes methods of normalization to allow for code reuse detection within compiled x86 malicious software. It examines a method for filtering as well as visualizing results of similarity uncovered in the process. The thesis proposes a method to conduct similarity ...
(For more, see "View full record.")