Malicious VBScript Detection and Classification (Record no. 8864)

MARC details
000 -LEADER
fixed length control field 05457nam a22002537a 4500
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION
fixed length control field 210125b2018 a|||f mb|| 00| 0 eng d
040 ## - CATALOGING SOURCE
Original cataloging agency EG-CaNU
Transcribing agency EG-CaNU
041 0# - Language Code
Language code of text eng
Language code of abstract eng
082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER
Classification number 658
100 0# - MAIN ENTRY--PERSONAL NAME
Personal name Doaa Wael Ahmed Abdelrahman
245 1# - TITLE STATEMENT
Title Malicious VBScript Detection and Classification
Statement of responsibility, etc. Doaa Wael Ahmed Abdelrahman
260 ## - PUBLICATION, DISTRIBUTION, ETC.
Date of publication, distribution, etc. 2018
300 ## - PHYSICAL DESCRIPTION
Extent 96 p.
Other physical details ill.
Dimensions 21 cm.
500 ## - GENERAL NOTE
Materials specified Supervisor: Nashwa Abd El-Baki
502 ## - Dissertation Note
Dissertation type Thesis (M.A.)—Nile University, Egypt, 2018.
504 ## - Bibliography
Bibliography "Includes bibliographical references"
505 0# - Contents
Formatted contents note Contents:
Abstract
Acknowledgments
List of Publications
List of Figures
List of Tables
List of Acronyms
Malicious VBScript
1.1 Motivation
1.2 Thesis Contributions
1.3 Outline of The Thesis
Computer Security and Malware Analysis
1.4 Computer Security
2.2 Malware
2.2.1 Historic View
2.2.2 Malware Types
2.3 Script Based Malware
2.4 VBScript
Literature Review
3.1.1 Static Analysis
3.1.2 Dynamic Analysis
3.1.3 Hybrid Analysis
3.2 Malware Detection Techniques
Malicious VBScript Detection Algorithm Based on Data-Mining Techniques
4.3 Performance Evaluation
4.4 Proposed System Improvements
4.5 Conclusions
Results
Conclusions
520 3# - Abstract
Abstract Abstract:
Malware attacks are amongst the most common security threats. Every day, malware samples are rapidly increasing. Not only are malware incidents fast increasing, but the attack methodologies are also getting more sophisticated. Alongside that, malware writers always change and develop their codes, platforms, and evasion techniques. Nowadays, script-based malware is starting to be used in a wide range of malware attacks.
Script-based malware has been used profusely in recent years. It provides malware writers with the traditional capabilities of file-based malware. Moreover, it increases the evasion techniques by deploying different easy methods of script obfuscation. Furthermore, according to the McAfee Labs Threat Report, script-based malware was used to hit the healthcare sector in 2017. Healthcare accounted for more than 26% of the 52 million new cyber incidents in the second quarter of 2017. Thus, malware analysis and detection techniques must be developed quickly in order to provide consistent and contented life services. The process of malware analysis can be broken down into static, dynamic, and hybrid analysis.
The aim of this thesis is:
• To focus on script-based malware, especially malicious VBScript.
• To use static malware analysis in order to find discriminative features that classify malicious VBScript.
• To propose a new approach which accurately classifies malicious VBScript based on data mining techniques.
In this thesis, a new algorithm is proposed to improve the detection ratio of malicious VBScript files and to decrease the false positive results.
The proposed algorithm is used to detect malicious scripts specifically for VBScript files. It is based on machine learning techniques and static analysis of the defined features. Experimental results show that the suggested algorithm can achieve a 98% detection ratio.
546 ## - Language Note
Language Note Text in English, abstracts in English.
650 #4 - Subject
Subject Information Security
655 #7 - Index Term-Genre/Form
Source of term NULIB
focus term Dissertation, Academic
690 ## - Subject
School Information Security
942 ## - ADDED ENTRY ELEMENTS (KOHA)
Source of classification or shelving scheme Dewey Decimal Classification
Koha item type Thesis
Holdings
Withdrawn status
Lost status
Source of classification or shelving scheme Dewey Decimal Classification
Damaged status
Not for loan Not For Loan
Home library Main library
Current library Main library
Date acquired 01/25/2021
Total Checkouts
Full call number 658 / D.W.M / 2018
Date last seen 01/25/2021
Price effective from 01/25/2021
Koha item type Thesis