A Framework for the Static Analysis of Malware focusing on Signal Processing Techniques
- Zeisberger, Sascha, Irwin, Barry V W
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2012
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427914 , vital:72473 , https://www.researchgate.net/profile/Barry-Ir-win/publication/327622833_A_Framework_for_the_Static_Analysis_of_Mal-ware_focusing_on_Signal_Processing_Techniques/links/5b9a1396a6fdcc59bf8dfc87/A-Framework-for-the-Static-Analysis-of-Malware-focusing-on-Signal-Processing-Techniques.pdf
- Description: The information gathered through conventional static analysis of malicious binaries has become increasingly limited. This is due to the rate at which new malware is being created as well as the increasingly complex methods employed to obfuscating these binaries. This paper discusses the development of a framework to analyse malware using signal processing techniques, the initial iteration of which focuses on common audio processing techniques such as Fourier transforms. The aim of this research is to identify characteristics of malware and the encryption methods used to obfuscate malware. This is achieved through the analysis of their binary structure, potentially providing an additional metric for autonomously fingerprinting malware.
- Full Text:
- Date Issued: 2012
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2012
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427914 , vital:72473 , https://www.researchgate.net/profile/Barry-Ir-win/publication/327622833_A_Framework_for_the_Static_Analysis_of_Mal-ware_focusing_on_Signal_Processing_Techniques/links/5b9a1396a6fdcc59bf8dfc87/A-Framework-for-the-Static-Analysis-of-Malware-focusing-on-Signal-Processing-Techniques.pdf
- Description: The information gathered through conventional static analysis of malicious binaries has become increasingly limited. This is due to the rate at which new malware is being created as well as the increasingly complex methods employed to obfuscating these binaries. This paper discusses the development of a framework to analyse malware using signal processing techniques, the initial iteration of which focuses on common audio processing techniques such as Fourier transforms. The aim of this research is to identify characteristics of malware and the encryption methods used to obfuscate malware. This is achieved through the analysis of their binary structure, potentially providing an additional metric for autonomously fingerprinting malware.
- Full Text:
- Date Issued: 2012
Building a Graphical Fuzzing Framework
- Zeisberger, Sascha, Irwin, Barry V W
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2012
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429772 , vital:72638 , https://digifors.cs.up.ac.za/issa/2012/Proceedings/Research/59_ResearchInProgress.pdf
- Description: Fuzz testing is a robustness testing technique that sends malformed data to an application’s input. This is to test an application’s behaviour when presented with input beyond its specification. The main difference between traditional testing techniques and fuzz testing is that in most traditional techniques an application is tested according to a specification and rated on how well the application conforms to that specification. Fuzz testing tests beyond the scope of a specification by intelligently generating values that may be interpreted by an application in an unintended manner. The use of fuzz testing has been more prevalent in academic and security communities despite showing success in production environments. To measure the effectiveness of fuzz testing, an experiment was conducted where several publicly available applications were fuzzed. In some instances, fuzz testing was able to force an application into an invalid state and it was concluded that fuzz testing is a relevant testing technique that could assist in developing more robust applications. This success prompted a further investigation into fuzz testing in order to compile a list of requirements that makes an effective fuzzer. The aforementioned investigation assisted in the design of a fuzz testing framework, the goal of which is to make the process more accessible to users outside of an academic and security environment. Design methodologies and justifications of said framework are discussed, focusing on the graphical user interface components as this aspect of the framework is used to increase the usability of the framework.
- Full Text:
- Date Issued: 2012
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2012
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429772 , vital:72638 , https://digifors.cs.up.ac.za/issa/2012/Proceedings/Research/59_ResearchInProgress.pdf
- Description: Fuzz testing is a robustness testing technique that sends malformed data to an application’s input. This is to test an application’s behaviour when presented with input beyond its specification. The main difference between traditional testing techniques and fuzz testing is that in most traditional techniques an application is tested according to a specification and rated on how well the application conforms to that specification. Fuzz testing tests beyond the scope of a specification by intelligently generating values that may be interpreted by an application in an unintended manner. The use of fuzz testing has been more prevalent in academic and security communities despite showing success in production environments. To measure the effectiveness of fuzz testing, an experiment was conducted where several publicly available applications were fuzzed. In some instances, fuzz testing was able to force an application into an invalid state and it was concluded that fuzz testing is a relevant testing technique that could assist in developing more robust applications. This success prompted a further investigation into fuzz testing in order to compile a list of requirements that makes an effective fuzzer. The aforementioned investigation assisted in the design of a fuzz testing framework, the goal of which is to make the process more accessible to users outside of an academic and security environment. Design methodologies and justifications of said framework are discussed, focusing on the graphical user interface components as this aspect of the framework is used to increase the usability of the framework.
- Full Text:
- Date Issued: 2012
A fuzz testing framework for evaluating and securing network applications
- Zeisberger, Sascha, Irwin, Barry V W
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2011
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428000 , vital:72479 , https://www.researchgate.net/profile/Barry-Ir-win/publication/327622655_A_Fuzz_Testing_Framework_for_Evaluating_and_Securing_Network_Applications/links/5b9a153b92851c4ba8181b0d/A-Fuzz-Testing-Framework-for-Evaluating-and-Securing-Network-Applications.pdf
- Description: Research has shown that fuzz-testing is an effective means of increasing the quality and security of software and systems. This project proposes the im-plementation of a testing framework based on numerous fuzz-testing tech-niques. The framework will allow a user to detect errors in applications and locate critical areas in the applications that are responsible for the detected errors. The aim is to provide an all-encompassing testing framework that will allow a developer to quickly and effectively deploy fuzz tests on an applica-tion and ensure a higher level of quality control before deployment.
- Full Text:
- Date Issued: 2011
- Authors: Zeisberger, Sascha , Irwin, Barry V W
- Date: 2011
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428000 , vital:72479 , https://www.researchgate.net/profile/Barry-Ir-win/publication/327622655_A_Fuzz_Testing_Framework_for_Evaluating_and_Securing_Network_Applications/links/5b9a153b92851c4ba8181b0d/A-Fuzz-Testing-Framework-for-Evaluating-and-Securing-Network-Applications.pdf
- Description: Research has shown that fuzz-testing is an effective means of increasing the quality and security of software and systems. This project proposes the im-plementation of a testing framework based on numerous fuzz-testing tech-niques. The framework will allow a user to detect errors in applications and locate critical areas in the applications that are responsible for the detected errors. The aim is to provide an all-encompassing testing framework that will allow a developer to quickly and effectively deploy fuzz tests on an applica-tion and ensure a higher level of quality control before deployment.
- Full Text:
- Date Issued: 2011
- «
- ‹
- 1
- ›
- »