Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Dynamic Heuristic Analysis Tool for Detection of Unknown Malware
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
2016 (engelsk)Independent thesis Basic level (degree of Bachelor), 10 poäng / 15 hpOppgave
Abstract [en]

Context: In today's society virus makers have a large set of obfuscation tools to avoid classic signature detection used by antivirus software. Therefore there is a need to identify new and obfuscated viruses in a better way. One option is to look at the behaviour of a program by executing the program in a virtual environment to determine if it is malicious or benign. This approach is called dynamic heuristic analysis.

Objectives: In this study a new heuristic dynamic analysis tool for detecting unknown malware is proposed. The proposed implementation is evaluated against state-of-the-art in terms of accuracy.

Methods: The proposed implementation uses Cuckoo sandbox to collect the behavior of a software and a decision tree to classify the software as either malicious or benign. In addition, the implementation contains several custom programs to handle the interaction between the components.

Results: The experiment evaluating the implementation shows that an accuracy of 90% has been reached which is higher than 2 out of 3 state-of-the-art software.

Conclusions: We conclude that an implementation using Cuckoo and decision tree works well for classifying malware and that the proposed implementation has a high accuracy that could be increased in the future by including more samples in the training set.

sted, utgiver, år, opplag, sider
2016. , s. 56
Emneord [en]
dynamic heuristic analysis, heuristic analysis, detection, malware detection, unknown malware
HSV kategori
Identifikatorer
URN: urn:nbn:se:bth-12859OAI: oai:DiVA.org:bth-12859DiVA, id: diva2:946970
Fag / kurs
DV1478 Bachelor Thesis in Computer Science
Utdanningsprogram
DVGIS Security Engineering
Veileder
Examiner
Tilgjengelig fra: 2016-07-06 Laget: 2016-07-06 Sist oppdatert: 2018-01-10bibliografisk kontrollert

Open Access i DiVA

fulltext(485 kB)739 nedlastinger
Filinformasjon
Fil FULLTEXT02.pdfFilstørrelse 485 kBChecksum SHA-512
42a6c0872ca2d82ae21bb543bd2cdf6f9b8a240a37b7d29ef16b0beb22271d469af2d89e96f03edee8ab36797361e644e29f5e3dc75adea9f5255acd75816072
Type fulltextMimetype application/pdf

Søk i DiVA

Av forfatter/redaktør
Sokol, MaciejErnstsson, Joakim
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 739 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 444 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf