Binary Analysis
Re: Malware as a research area Dec 27 2005 06:21PM
auto349979 hushmail com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Without going into detail, used a modified set program slicing
algorithm together with conditioning statements often used in
security validation and program verification proof techniques to
verify the potential existence of a vulnerability in a set of
machine code and determine the code required to follow the path of
exploitation.

As for references, the following books are more interesting in what
I am looking to accomplish:

silence on the wire
malicious cryptography
reversing

As for convincing faculty that offensive study is ok, I lucked out
on having an advisor who was also very interested in that subject
matter, but I also found that defensive sounding titles for
potential research areas helps immensely.

On Tue, 27 Dec 2005 07:26:55 -0800 kimbalwb (at) notes.udayton (dot) edu [email concealed] wrote:
>I am also researching new techniques in binary vulnerability
>auditing as an
>undergraduate at the Universiity of Dayton and I am looking to go
>on
>and do my PhD in the same Information Assurance area that you are.
>
>When you say you have already autimated the discovery process of
>vulnerabilities, what have you done?
>
>Also, do you have any suggestions for someone like me trying to
>get into a
>PhD program that you are in?
>
>I have been reading mostly these books that I don't know would
>help you or
>not, it sounds like you might be moving onto somethings else these
>books
>don;t cover:
>The Shellcoders Handbook
>Shellcoders Programming Uncovered
>Exploiting Software
>Hacking: The Art of Exploitation
>Hackers Disassembling Uncovered
>and Rootkits (Huglund Butler)
>
>William Kimball
>kimbalwb (at) notes.udayton (dot) edu [email concealed]
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkOxhiUACgkQT30L5q3LVyjLDACgjaKMlKrSFfJyd0tj2j6Iz2CQ5iAA
nRQt/eMtqN1lOCPRcJ2Bb0DecoZO
=O++g
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus