dc.contributor.advisor: Knapskog, Svein Johan [nb_NO]
dc.contributor.author: Wedum, Petter Langeland [nb_NO]
dc.date.accessioned: 2014-12-19T14:12:24Z
dc.date.available: 2014-12-19T14:12:24Z
dc.date.created: 2010-09-03 [nb_NO]
dc.date.issued: 2008 [nb_NO]
dc.identifier: 347719 [nb_NO]
dc.identifier: ntnudaim:4086 [nb_NO]
dc.identifier.uri: http://hdl.handle.net/11250/261770
dc.description.abstract: An almost incomprehensible amount of data and information is stored on millions and millions of computers worldwide. The computers, interconnected in local, national and international networks, use and share a high number of various software programs. Individuals, corporations, hospitals, communication networks and authorities, among others, are totally dependent on the reliability and accessibility of the data and information stored, and on the correct and predictable operation of the software programs, the computers and the networks connecting them. Malware types have different objectives and apply different techniques, but they all compromise security in one way or another. To be able to defend against the threat posed by malware we need to understand both how and why the malware exists. Malware is under constant development, exploiting new vulnerabilities, employing more advanced techniques, and finding new ways to compromise computer security. This document presents the nature of malware today and outlines some analytical techniques used by security experts. Furthermore, a process for analyzing malware samples is presented, with the goal of discovering the behaviour of the samples and the techniques they use. A flowchart of malware analysis, with tools and procedures, is suggested. The analysis process is shown to be effective and to minimize the time consumption of manual malware analysis. An analysis is performed on two distinct malware samples, disclosing behaviour, location, encryption techniques, and other techniques employed by the samples. It is demonstrated that the two malware samples, both using advanced techniques, have different objectives and varying functionality. Although complex in behaviour, the malware samples show evidence of a lack of programming skill on the part of the malware designers, rendering the malware less effective than intended. Both samples are distributed in a packed form. The process of unpacking each of the samples is described together with an outline of the unpacking process. [nb_NO]
dc.language: eng [nb_NO]
dc.publisher: Institutt for telematikk [nb_NO]
dc.subject: ntnudaim [no_NO]
dc.subject: SIE7 kommunikasjonsteknologi [no_NO]
dc.subject: Telematikk [no_NO]
dc.title: Malware Analysis: A Systematic Approach [nb_NO]
dc.type: Master thesis [nb_NO]
dc.source.pagenumber: 122 [nb_NO]
dc.contributor.department: Norges teknisk-naturvitenskapelige universitet, Fakultet for informasjonsteknologi, matematikk og elektroteknikk, Institutt for telematikk [nb_NO]

