Title:
Blending Fuzzing and Symbolic Execution for Malware Analysis

Thumbnail Image
Author(s)
Amiri, Addison O.
Authors
Advisor(s)
Lee, Wenke
Advisor(s)
Person
Editor(s)
Associated Organization(s)
Organizational Unit
Organizational Unit
Supplementary to
Abstract
Malware infections have grown at least five-fold in the past five years. With an increase in IoT devices that are lacking built-in security, this problem is likely to only continue growing. Malware analysis, meanwhile, is becoming ever more challenging. Where manual analysis, symbolic execution, or fuzzing alone are overly time consuming or unfruitful, a combination of these techniques may offer promising solutions. This paper suggests a combination of fuzzing and symbolic execution to reverse engineer malware. A framework is described to tie these components together, producing test cases that call all functionality of a malware binary. These test cases show researchers the protocol used by the malware, as well as its capabilities, and allow for a reconstruction of the C&C server as desired. The goal of this work is to allow researchers to better understand malware and how to effectively combat it.
Sponsor
Date Issued
2017-05
Extent
Resource Type
Text
Resource Subtype
Undergraduate Thesis
Rights Statement
Rights URI