Publication Date

Spring 2019

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Thomas Austin

Second Advisor

Fabio Di Troia

Third Advisor

Philip Heller

Keywords

Metamorphic malware, Signature detection, Heuristic anal- ysis, Support Vector Machines

Abstract

Metamorphic malware is one of the biggest and most ubiquitous threats in the digital world. It can be used to morph the structure of the target code without changing the underlying functionality of the code, thus making it very difficult to detect using signature-based detection and heuristic analysis. The focus of this project is to analyze Metamorphic JavaScript malware and techniques that can be used to mutate the code in JavaScript. To assess the capabilities of the metamorphic engine, we performed experiments to visualize the degree of code morphing. Further, this project discusses potential methods that have been used to detect metamorphic malware and their potential limitations. Based on the experiments performed, SVM has shown promise when it comes to detecting and classifying metamorphic code with a high accuracy. An accuracy of 86% is observed when classifying benign, malware and metamorphic files.

Download

Share

COinS