Description: PDF: http://www.shmoocon.org/2012/presentations/Danny_Quist-3dmalware-shmoocon2012...
Malware reverse engineering is greatly helped by visualization techniques. In this talk I will show you my 3D visualization enhancements to VERA for creating compelling and useful displays of malware. This new tool provides a new method to visualize running code, show concurrent running threads of execution, visualize the temporal relationships of the code, and illustrate complicated packer original entry point detection. Real! Live! Reverse Engineering! of the past year of malware will show the utility of the program on in-the-wild samples.
Danny Quist is a research scientist at Los Alamos National Laboratory and the founder of Offensive Computing, LLC. His research is in automated analysis methods for malware with software- and hardware-assisted techniques. He consults with both private and public sectors on system and network security. His interests include malware defense, reverse engineering, exploitation methods, virtual machines, and automatic classification systems. Danny holds a Ph.D. from the New Mexico Institute of Mining and Technology. He is the master of the Five Point Exploding Packer Technique. Danny has presented at several industry conferences including Blackhat, RSA, ShmooCon, Vizsec, and Defcon.