Publication Date

Spring 2019

Degree Type

Master's Project

Degree Name

Master of Science (MS)


Computer Science

First Advisor

Mark Stamp

Second Advisor

Fabio Di Troia

Third Advisor

Thomas Austin


malware evolution, svm


Malware is software that is designed to do harm to computer systems. Malware often evolves over a period of time as malware developers add new features and fix bugs. Thus, malware samples from the same family from different time periods can exhibit significantly different behavior. Differences between malware samples within a single family can originate from various code modifications designed to evade signature-based detection or changes that are made to alter the functionality of the malware itself. In this research, we apply feature ranking based on linear support vector machine (SVM) weights to identify, quantify, and track changes within malware families over time. We analyze numerous malware families over an extended period of time. Our goal is to detect and analyze evolutionary changes over a wide variety of malware families using quantifiable and automated machine learning techniques.