Advanced malware visualization

(2023)

Files

Callens_38161600_2023.pdf
  • UCLouvain restricted access
  • Adobe PDF
  • 1.42 MB

Details

Abstract
The number of malware samples is increasing every day, and this malicious software is constantly evolving. Cybersecurity analysts spend days trying to understand its behaviour and develop techniques to facilitate its analysis. Symbolic execution is one of these techniques. It allows analysts to explore all the paths that can possibly be reached during the execution of a program without actually executing it. Unfortunately, this technique has its limitations, such as the path explosion problem, in which the set of paths is too large to be visited. Fortunately, new tools have recently been implemented to prevent this kind of issue and to facilitate the analysis of binaries with symbolic execution. The aim of this work is to integrate a symbolic execution visualization tool (SymNav) with a malware analysis tool (SEMA) in order to see how visualization can help and facilitate the work of cybersecurity analysts. We will show the different features of these two combined tools and what they bring to each other. Then, we will use the combined tool on a malware sample. Finally, we will discuss the different limitations and possible improvements for future projects.