• DocumentCode
    2625268
  • Title
    A static and dynamic visual debugger for malware analysis
  • Author
    Yee, Chan Lee ; Chuan, Lee Ling ; Ismail, Mahamod ; Zainal, Nasharuddin
  • Author_Institution
    Dept. of Electr., Electron. & Syst. Eng, Univ. Kebangsaan Malaysia, Bangi, Malaysia
  • fYear
    2012
  • fDate
    15-17 Oct. 2012
  • Firstpage
    765
  • Lastpage
    769
  • Abstract
    The number of viruses and malware has grown dramatically over the last few years, and this number is expected to grow in all likelihood. Due to the increasing amount of malicious software circulated over the Internet, it is almost impossible to reverse engineer all binary executable software line by line, as it is very challenging and time consuming. In order to provide immediate security solutions and reduce the amount of time spent on understanding the malicious portions contained in viruses, Trojans and other general security flow, a comprehensive design of a visual debugger is introduced in this paper. The research involves the reverse engineering of binary executables by transforming a stream of bytes that constitutes the program into a corresponding sequence of machine instructions. Both static and dynamic debuggers will be developed and will interact with a graph visualization system to visualize the parsed instructions of a targeted executable file in an execution flow graph. With the intention of improving effectiveness, graph visualization is developed to accelerate the analysis progress. We reconstruct the targeted program's control flow and break it into smaller regions. Fragments of malicious instructions can be easily determined via the control flow graph information.
  • Keywords
    Internet; computer viruses; data visualisation; program debugging; reverse engineering; Internet; Trojans; binary executable software; control flow graph information; dynamic visual debugger; execution flow graph; general security flow; graph visualization system; machine instructions; malicious software; malware analysis; reverse engineering; static visual debugger; viruses; Debugging; Malware; Monitoring; Reverse engineering; Software; Visualization; Dynamic Analysis; Static Analysis; Visualization Debugger;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications (APCC), 2012 18th Asia-Pacific Conference on
  • Conference_Location
    Jeju Island
  • Print_ISBN
    978-1-4673-4726-6
  • Electronic_ISBN
    978-1-4673-4727-3
  • Type
    conf
  • DOI
    10.1109/APCC.2012.6388211
  • Filename
    6388211