This master's thesis describes the visualization of program flow of executable files on Microsoft Windows platform. In theoretical part it describes the PE EXE file format and instruction format. In following chapters there are described current methods of malware analysis, especially the analysis of program flow. Then there are introduced current malware visualization methods and tools for 3D data visualization. The main objective is design and implementation of 3D visualization of jumps in executable files. The result is the visualization tool, which helps to identify different samples of malware from the normal code.
| Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:237083 |
| Date | January 2011 |
| Creators | Rusnák, Jakub |
| Contributors | Bartoň, Radek, Zemčík, Pavel |
| Publisher | Vysoké učení technické v Brně. Fakulta informačních technologií |
| Source Sets | Czech ETDs |
| Language | Czech |
| Detected Language | English |
| Type | info:eu-repo/semantics/masterThesis |
| Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0108 seconds