Tuesday 5th November, 2013
1:00pm to 1:35pm
A method for automated hook function generation is described. Hook functions are used by programs to instrument and monitor other programs. User-space hooking is employed to study malicious software. The malware is executed in a sandbox environment and its actions recorded as it calls functions from system libraries. The method as presented solves, at least partially, the problem of writing individual hook functions for the hundreds or possibly thousands of entry points into a system library, e.g. the Win32 API.
1:40pm MASTIFF: Automated Static Analysis Framework by Tyler Hudak
Sign in to add slides, notes or videos to this session