Automatic behavioural analysis of malware
Independent thesis Basic level (degree of Bachelor), 15 credits / 22,5 HE credits
Student thesis
With malware becoming more and more diffused and at the same time more sophisticated in its attack techniques, countermeasures need to be set up so that new kinds of threats can be identified and dismantled in the shortest possible time, before they cause harm to the system under attack. With new behaviour patterns like those shown by polymorphic and metamorphic viruses, static analysis is no longer a reliable way to detect those threats, and behaviour analysis seems a good candidate to fight against the next-generation families of viruses. In this project, we describe a methodology to analyze and categorize binaries solely on the basis of their behaviour, in terms of their interaction with the Operating System, other processes and the network. The approach can strengthen host-based intrusion detection systems by a timely classification of unknown but similar malware code. It has been evaluated on a dataset from the research community and tried on a smaller data set from local companies collected at University of Mondragone.
Place, publisher, year, edition, pages
2010, 36 p.
Engineering and Technology
Identifiers
URN: urn:nbn:se:liu:diva-64103
ISRN: LITH-IDA/ERASMUS-A--10/002--SE
OAI: oai:DiVA.org:liu-64103
DiVA: diva2:386812