Publication Date

Spring 5-20-2020

Degree Type

Master's Project

Degree Name

Master of Science (MS)

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Fabio Di Troia

Abstract

Malware is a malicious software that causes disruption, allows access to unapproved resources, or performs other unauthorized activity. Developing effective malware detection techniques is a critical aspect of information security. One difficulty that arises is that malware often evolves over time, due to changing goals of malware developers, or to counter advances in detection. This evolution can occur through various modifications in malware code. To maintain effective malware detection, it is necessary to detect and analyze malware evolution so that appropriate countermeasures can be taken. We perform a variety of experiments to detect points in time where a malware family has likely evolved. We then conduct further experiments to confirm that such evolution has actually occurred. We validate our approach by considering a number of malware families, each of which includes a significant number of samples collected over an extended period of time. All of our experiments are based on machine learning models, and hence our techniques require minimal human intervention and can easily be automated.

Available for download on Thursday, May 20, 2021

Share

COinS