Statična forenzična analiza slabogramja
magistrsko delo
Abstract
Slabogramje dandanes predstavlja veliko nevarnost računalniškim sistemom po celem svetu. Da se lahko pred slabogramjem učinkovito zavarujemo, je potrebno razumeti njegovo delovanje, kar dosežemo z analizo slabogramja. V magistrski nalogi se osredotočimo na statične pristope analize slabogramja napisanega za arhitekturo x86. Predstavimo lastnosti programov napisanih za arhitekturo x86 in tehnike zmaličenja tovrstnih programov. Predstavimo nov program za obratno inženirstvo Ghidra in opišemo njegova glavna orodja. S programom Ghidra na dveh primerih slabogramja pokažemo praktično analizo slabogramja in povzamemo njuno delovanje.
Keywords
obratno inženirstvo;obratno prevajanje;slabogramje;magisteriji;
Data
| Language: | Slovenian |
|---|---|
| Year of publishing: | 2021 |
| Typology: | 2.09 - Master's Thesis |
| Organization: | UL FRI - Faculty of Computer and Information Science |
| Publisher: | [K. Jesenovec] |
| UDC: | 004.491(043.2) |
| COBISS: |
96305923
|
| Views: | 217 |
| Downloads: | 34 |
| Average score: | 0 (0 votes) |
| Metadata: |
|
Other data
| Secondary language: | English |
|---|---|
| Secondary title: | Static forensic analysis of malware |
| Secondary abstract: | Today malware represents a large threat to computer systems worldwide. To effectively defend against malware, we first need to understand its operation, which we accomplish with malware analysis. In this master's thesis, we focus on static analysis approaches written for the x86 architecture. We present properties of programs written for the x86 architecture and their obfuscation techniques. We present a new program for reverse engineering called Ghidra and describe its main tools. We show the practical analysis of two malware samples with Ghidra and summarize their behavior. |
| Secondary keywords: | reverse engineering;decompilation;malware;computer science;master's degree;Računalništvo;Univerzitetna in visokošolska dela; |
| Type (COBISS): | Master's thesis/paper |
| Study programme: | 1000471 |
| Embargo end date (OpenAIRE): | 1970-01-01 |
| Thesis comment: | Univ. v Ljubljani, Fak. za računalništvo in informatiko |
| Pages: | 96 str. |
| ID: | 14240347 |
Recommended works:
Statična forenzična analiza slabogramja
2021,
magistrsko delo
Varnost računalništva v oblaku
2023,
magistrsko delo
Agentno modeliranje vedenja aktivnega odjemalca
2021,
magistrsko delo
Primerjava metrik funkcijske konektivnosti
2022,
magistrsko delo
Analiza dinamike podaj v košarki
2021,
magistrsko delo