{"id":497,"date":"2008-02-01T19:27:53","date_gmt":"2008-02-01T17:27:53","guid":{"rendered":"http:\/\/www.mitternachtshacking.de\/blog\/497-visualisierung-von-schadprogrammen"},"modified":"2018-05-22T22:15:08","modified_gmt":"2018-05-22T21:15:08","slug":"visualisierung-von-schadprogrammen","status":"publish","type":"post","link":"https:\/\/www.mitternachtshacking.de\/blog\/497-visualisierung-von-schadprogrammen","title":{"rendered":"Visualisierung von Schadprogrammen"},"content":{"rendered":"<p>Der rum\u00e4nische K\u00fcnstler <a href=\"http:\/\/sq.ro\/malwarez.php\">Alex Dragulescu<\/a> hat Schadprogramme grafisch dargestellt:<\/p>\n<p>&#8222;<a href=\"http:\/\/sq.ro\/malwarez.php\">Malwarez<\/a> is a series of visualization of worms, viruses, trojans and spyware code. For each piece of disassembled code, API calls, memory addresses and subroutines are tracked and analyzed. Their frequency, density and grouping are mapped to the inputs of an algorithm that grows a virtual 3D entity. Therefore the patterns and rhythms found in the data drive the configuration of the artificial organism.&#8220;<\/p>\n<p><img src=\"\/blog\/wp-content\/uploads\/2008\/02\/netsky.jpg\" \/><\/p>\n<p>Sehr sch\u00f6n &#8230; ich erinnere mich an etwas \u00e4hnliches von Zynamics (fr\u00fcher Sabre Security) die 2006 einen <a href=\"http:\/\/www.heise.de\/security\/Preis-mit-100-000-Euro-fuer-Verfahren-zur-Schaedlings-Analyse--\/news\/meldung\/81733\">Forschungspreis<\/a> f\u00fcr die graphentheoretische Auswertung von Schadprogrammen mit <a href=\"http:\/\/www.zynamics.com\/index.php?page=bindiff\">Bindiff<\/a> bekommen haben und so unbekannte aber \u00e4hnliche Trojaner erkennen k\u00f6nnen.<\/p>\n<p>(via <a href=\"http:\/\/blog.washingtonpost.com\/securityfix\/2008\/01\/putting_a_scary_face_on_malici_1.html\">Washington Post<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Der rum\u00e4nische K\u00fcnstler Alex Dragulescu hat Schadprogramme grafisch dargestellt: &#8222;Malwarez is a series of visualization of worms, viruses, trojans and spyware code. For each piece of disassembled code, API calls, memory addresses and subroutines are tracked and analyzed. Their frequency, density and grouping are mapped to the inputs of an algorithm that grows a virtual [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[8,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts\/497"}],"collection":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/comments?post=497"}],"version-history":[{"count":0,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/posts\/497\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/media?parent=497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/categories?post=497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mitternachtshacking.de\/blog\/wp-json\/wp\/v2\/tags?post=497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}