Skip to main content

dynStruct: An automatic reverse engineering tool for structure recovery and memory use analysis

Mercier, Daniel dynStruct: An automatic reverse engineering tool for structure recovery and memory use analysis. Master of Science (MSc) thesis, University of Kent. (KAR id:58461)

PDF (MSc thesis) Other
Language: English


Download (1MB) Preview
[thumbnail of MSc thesis]
Preview
This file may not be suitable for users of assistive technology.
Request an accessible format

Abstract

In computer security, reverse engineering is understanding how a program work. It can be used for multiple purposes, like malware analysis or security audit of a program. Reverse engineering is possible even without the source of the program. In this case, knowing what data structures are used by the program is a considerable help. But recovering these structures is di cult and time consuming. Also, at the time of writing, no tool doing this recovery has been publicly released.

The tests shows that dynStruct can analyze complex program like emacs or xterm. The tests also show that the recovered structures are similar to the original ones. This ensures dynStruct can provide quick and useful information to help reverse engineers in their task.

Item Type: Thesis (Master of Science (MSc))
Additional information: Source code available at https://github.com/ampotos/dynStruct
Uncontrolled keywords: Reverse engineering, security, data structures
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.76 Computer software
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Richard Jones
Date Deposited: 08 Nov 2016 17:26 UTC
Last Modified: 16 Feb 2021 13:38 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/58461 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year