000 05457nam a22002537a 4500
008 210125b2018 a|||f mb|| 00| 0 eng d
040 _aEG-CaNU
_cEG-CaNU
041 0 _aeng
_beng
082 _a658
100 0 _aDoaa Wael Ahmed Abdelrahman
_9303
245 1 _aMalicious VBScript Detection and Classification
_cDoaa Wael Ahmed Abdelrahman
260 _c2018
300 _a 96 p.
_bill.
_c21 cm.
500 _3Supervisor: Nashwa Abd El-Baki
502 _aThesis (M.A.)—Nile University, Egypt, 2018.
504 _a"Includes bibliographical references"
505 0 _aContents: Abstract -- Acknowledgments -- List of Publications -- List of Figures -- List of Tables -- List of Acronyms -- Malicious VBScript -- 1.1 Motivation -- 1.2 Thesis Contributions -- 1.3 Outline of The Thesis -- Computer Security and Malware Analysis -- 1.4 Computer Security -- 2.2 Malware -- 2.2.1 Historic View -- 2.2.2 Malware Types -- 2.3 Script Based Malware -- 2.4 VBScript -- Literature Review -- 3.1.1 Static Analysis -- 3.1.2 Dynamic Analysis -- 3.1.3 Hybrid Analysis -- 3.2 Malware Detection Techniques -- Malicious VBScript Detection Algorithm Based on Data-Mining Techniques -- 4.3 Performance Evaluation -- 4.4 Proposed System Improvements -- 4.5 Conclusions -- Results -- Conclusions
520 3 _aAbstract: Malware attacks are amongst the most common security threats. Every day, the number of malware samples increases rapidly. Not only are malware incidents increasing fast, but the attack methodologies are also getting more sophisticated. Alongside that, malware writers always change and develop their code, platforms, and evasion techniques. Nowadays, script-based malware has started to be used in a wide range of malware attacks. Script-based malware has been used profusely in recent years. It provides malware writers with the traditional capabilities of file-based malware. Moreover, it increases the evasion techniques by deploying different easy methods of script obfuscation. Furthermore, according to the McAfee Labs Threat Report, script-based malware was used to hit the healthcare sector in 2017. Healthcare accounted for more than 26% of the 52 million new cyber incidents in the second quarter of 2017. Thus, malware analysis and detection techniques must be developed quickly in order to provide consistent and contented life services. The process of malware analysis can be broken down into static, dynamic, and hybrid analysis. The aim of this thesis is: • To focus on script-based malware, especially malicious VBScript. • To use static malware analysis in order to find discriminative features that classify malicious VBScript. • To propose a new approach which accurately classifies malicious VBScript based on data mining techniques. In this thesis, a new algorithm is proposed to improve the detection ratio of malicious VBScript files and to decrease the false positive results. The proposed algorithm is used to detect malicious scripts specifically for VBScript files. It is based on machine learning techniques and static analysis of the defined features. Experimental results show that the suggested algorithm can achieve a 98% detection ratio.
546 _aText in English, abstracts in English.
650 4 _aInformation Security
_9294
655 7 _2NULIB
_aDissertation, Academic
_9187
690 _aInformation Security
_9294
942 _2ddc
_cTH
999 _c8864
_d8864