Master of Science (MS)
Malware analysis can be based on static or dynamic analysis. Static analysis includes signature-based detection and other forms of analysis rely only on features that can be extracted without code execution or emulation. In contrast, dynamic analysis depends on features extracted at runtime (or via emulation) such as API calls, patterns of memory access, and so on. Dynamic analysis can be more informative and is generally more robust, but static analysis is typically more efficient. In this research, we implement, test, and analyze malware scores based on image processing. Previous work has shown that useful malware scores can be obtained when binaries are treated as images. We test a wide variety of image processing techniques and machine learning techniques. Further, we develop a dataset that is designed to evade detection mechanisms that employ image analysis.
Selvin, Vikash Raja Samuel, "Malware Scores Based on Image Processing" (2017). Master's Projects. 546.