Fabrice Sabatier

Reverse-engineering malware code is a difficult task, usually full of traps set by the malware writers. Since the quality of defense software depends largely on the analysis of the malware, it becomes crucial to help software investigators with automatic tools. We describe and present a tool which synchronizes two related binary programs. Our tool…
Protection model against malicious code in a distributed environment. Thesis presented and publicly defended on 11 May 2015 for the award of the … Acknowledgements: First, I would like to express my gratitude to my thesis advisor Jean-Yves Marion who gives me opportunities to pursue the Ph.D. program. Without…
Fighting malware involves analyzing large numbers of suspicious binary files. In this context, disassembly is a crucial task in malware analysis and reverse engineering. It involves the recovery of assembly instructions from binary machine code. Correct disassembly of binaries is necessary to produce a higher level representation of the code and thus allow…
The propagation techniques and the payload of Duqu have been closely studied over the past year, and it has been said that Duqu shared functionalities with Stuxnet. We focused on the driver used by Duqu during the infection. Our contribution consists in reverse-engineering the driver: we rebuilt its source code and analyzed the mechanisms it uses to execute…