
Malicious VBScript Detection and Classification / Doaa Wael Ahmed Abdelrahman

Material type: Text
Language: English
Summary language: English
Publication details: 2018
Description: 96 p. ill. 21 cm
DDC classification: 658

Supervisor: Nashwa Abd El-Baki

Thesis (M.A.)—Nile University, Egypt, 2018.

"Includes bibliographical references"

Contents:
Abstract
Acknowledgments
List of Publications
List of Figures
List of Tables
List of Acronyms
Malicious VBScript
1.1 Motivation
1.2 Thesis Contributions
1.3 Outline of The Thesis
Computer Security and Malware Analysis
1.4 Computer Security
2.2 Malware
2.2.1 Historic View
2.2.2 Malware Types
2.3 Script Based Malware
2.4 VBScript
Literature Review
3.1.1 Static Analysis
3.1.2 Dynamic Analysis
3.1.3 Hybrid Analysis
3.2 Malware Detection Techniques
Malicious VBScript Detection Algorithm Based on Data-Mining Techniques
4.3 Performance Evaluation
4.4 Proposed System Improvements
4.5 Conclusions
Results
Conclusions

Abstract:
Malware attacks are amongst the most common security threats. Every day, malware samples are rapidly increasing. Not only are malware incidents increasing fast, but the attack methodologies are also getting more sophisticated. Alongside that, malware writers always change and develop their code, platforms, and evasion techniques. Nowadays, script-based malware is starting to be used in a wide range of malware attacks.
Script-based malware has been used profusely in recent years. It provides malware writers with the traditional capabilities of file-based malware. Moreover, it increases the evasion techniques by deploying different easy script obfuscation techniques. Furthermore, according to the McAfee Labs Threat Report, script-based malware was used to hit the healthcare sector in 2017. Healthcare accounted for more than 26% of the 52 million new cyber incidents in the second quarter of 2017. Thus, malware analysis and detection techniques must be developed quickly in order to provide consistent and contented life services. The process of malware analysis can be broken down into static, dynamic, and hybrid analysis.
The aim of this thesis is:
• To focus on script-based malware, especially malicious VBScript.
• To use static malware analysis in order to find discriminative features that classify malicious VBScript.
• To propose a new approach which accurately classifies malicious VBScript based on data mining techniques.
In this thesis, a new algorithm is proposed to improve the detection ratio of malicious VBScript files and to decrease the false positive results.
The proposed algorithm is used to detect malicious scripts specifically for VBScript files. It is based on machine learning techniques and static analysis of the defined features. Experimental results show that the suggested algorithm can achieve a 98% detection ratio.

Text in English, abstracts in English.
