Slashdot Mirror

← Back to Stories (view on slashdot.org)

Can Reverse Engineering Help In Stopping Worms?

Posted by Hemos on from the yes-but-to-what-extent dept.

krozinov writes "The goal of this paper is to try to answer the following three questions: How do you reverse engineer a virus? Can reverse engineering a virus lead to better ways of detecting, preventing, and recovering from a virus and its future variants? Can reverse engineering be done more efficiently? The paper is organized into five sections and two appendixes. Section 1 is the introduction. Section 2 reviews basic x86 concepts, including registers, assembly, runtime data structures, and the stack. Section 3 gives a brief introduction to viruses, their history, and their types. Section 4 delves into the Beagle virus disassembly, including describing the techniques and resources used in this process as well as presenting a high level functional flow of the virus. Section 5 presents the conclusions of this research. Appendix A provides a detailed disassembly of the Beagle worm, while Appendix B presents the derived source code of the Beagle virus, as a result of this research."

2 of 187 comments (clear)

  1. Should Read by Phixxr · · Score: 0, Troll
    "Can posting your own half-baked paper to slashdot make you famous"...

    Or... Dissassembly For Dummies.

    -phixxr.

    --
    ungggghhhh
  2. DMCA violation by Phleg · · Score: 0, Troll

    You heard me.

    --
    No comment.