Recent News
Partnering for success: Computer Science students represent UNM in NASA and Supercomputing Competitions
December 11, 2024
New associate dean interested in helping students realize their potential
August 6, 2024
Hand and Machine Lab researchers showcase work at Hawaii conference
June 13, 2024
Two from School of Engineering to receive local 40 Under 40 awards
April 18, 2024
News Archives
[Colloquium] Visualizing Compiled Executables for Malware Analysis
September 30, 2011
Watch Colloquium:
M4V file (599 MB)
- Date: Friday, September 30, 2011
- Time: 12:00 pm — 12:50 pm
- Place: Centennial Engineering Center 1041
Daniel Quist
Advanced Computing Solutions, Los Alamos National Laboratory
Reverse engineering malware is a vital skill that is in constant demand. The existing tools require high-level training and understanding of computer architecture, software, compilers, and many other areas of computer science. Our work covers several areas that are made to lower the barrier of entry to reverse engineering. First, we will introduce a hypervisor based automatic malware analysis system. Second, we will showcase our binary instrumentation framework for analyzing commercial software. Finally, we will show our graph-based dynamic malware execution tracing system named VERA. Each of these systems reduces the complexity of the reverse engineering process, and enhances productivity.
Bio: Daniel Quist is a research scientist at Los Alamos National Laboratory, and founder of Offensive Computing, an open malware research site. His research is in automated analysis methods for malware with software and hardware assisted techniques. He has written several defensive systems to mitigate virus attacks on networks and developed a generic network quarantine technology. He consults with both private and public sectors on system and network security. His interests include malware defense, reverse engineering, exploitation methods, virtual machines, and automatic classification systems. Danny holds a Ph.D. from the New Mexico Institute of Mining and Technology. He has presented at several industry conferences including Blackhat, RSA, and Defcon.