Data Flow analysis in malicious binary codes. Cartography of functionalities embedded in a binary codes and their inter-relations
Contact : Jean-Yves Marion
The team Carbone at LORIA and thanks to High Security Lab (HSL) has devised a novel method in order to analyse binary codes dubbed Morphological analysis. The morphological method finds code similarities and detects malware. The objectif of this thesis is to reconstruct the data flow graph inside an obfuscated binary code in order to cartography the used functionalities together with the inter-relations between functionalities. The outcome is a contribution to the detection of new threats.