The University of Arizona

Malware Analysis



Reverse Engineering Malware Binaries

Malware binaries usually use a host of obfuscations and dynamic defenses to armor themselves against reverse engineering. Removing such obfuscations and neutralizing any defenses typically involves a significant amount of manual intervention, which is tedious and time-consuming. The goal of this project is to devise automatic techniques for deobfuscating malware binaries and identifying (and, where possible, disabling) dynamic anti-analysis defenses. Our ultimate goal is to be able to extract the internal logic of previously unknown malware binaries that may have been obfuscated and/or defended in ways that we cannot currently anticipate.

Webmaster: Christian Collberg