Publication Date

Spring 2020

Degree Type

Master's Project

Degree Name

Master of Science (MS)


Computer Science

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Fabio Di Troia


malware evolution, malware detection


Malware is a malicious software that causes disruption, allows access to unapproved resources, or performs other unauthorized activity. Developing effective malware detection techniques is a critical aspect of information security. One difficulty that arises is that malware often evolves over time, due to changing goals of malware developers, or to counter advances in detection. This evolution can occur through various modifications in malware code. To maintain effective malware detection, it is necessary to detect and analyze malware evolution so that appropriate countermeasures can be taken. We perform a variety of experiments to detect points in time where a malware family has likely evolved. We then conduct further experiments to confirm that such evolution has actually occurred. We validate our approach by considering a number of malware families, each of which includes a significant number of samples collected over an extended period of time. All of our experiments are based on machine learning models, and hence our techniques require minimal human intervention and can easily be automated.