LiU > IDA > Real-Time Systems Lab
ABOUT
MEMBERS
COOPERATION
PROJECTS
PUBLICATIONS
COURSES
OPEN POSITIONS
THESES
ALUMNI

Announcements

[26 May 2014] A bachelor student at RTSLAB was awarded the best thesis award from IDA - Simon Andersson. more ...

[31 May 2012] A masters student at RTSLAB was awarded the best thesis award from IDA - Ulf Magnusson. more ...

[27 February 2008] A masters student at RTSLAB was awarded the best thesis award from IDA - Johan Sigholm. more ...

[03 March 2004] A masters student at RTSLAB was awarded the best thesis award from IDA - Tobias Chyssler. more ...

[01 Jul 2003] For second year in a row a masters student at RTSLAB was awarded the best thesis award from SNART - Mehdi Amirijoo. more ...

Master Thesis - Past Projects - Abstract

Automatic behavioural analysis of malware

ID: LITH-IDA/ERASMUS-A--10/002--SE

With malware becoming more and more diffused and at the same time more sophisticated in its attack techniques, countermeasures need to be set up so that new kinds of threats can be identified and dismantled in the shortest possible time, before they cause harm to the system under attack. With new behaviour patterns like the one shown by polymorphic and metamorphic viruses, static analysis is not any more a reliable way to detect those threats, and behaviour analysis seems a good candidate to fight against the next-generation families of viruses. In this project, we describe a methodology to analyze and categorize binaries solely on the basis of their behaviour, in terms of their interaction with the Operating System, other processes and network. The approach can strengten host-based intrusion detection systems by a timely classification of unkown but similar malware code. It has been evaluated on a dataset from the research community and tried on a smaller data set from local companies collected at University of Mondragone.

Keywords: malware analysis behaviour machine learning

Author(s): Tiziano Santoro

Contact: Simin Nadjm-Tehrani

Click here to return.
Last modified September 2012. If you have questions or suggestions for the webpages, contact the webmaster