Stealth sandbox analysis of malware
| buir.advisor | Selçuk, Ali Aydın | |
| dc.contributor.author | Uğurlu, Ömer Sezgin | |
| dc.date.accessioned | 2016-01-08T18:11:24Z | |
| dc.date.available | 2016-01-08T18:11:24Z | |
| dc.date.issued | 2009 | |
| dc.department | Department of Computer Engineering | en_US |
| dc.description | Ankara : The Department of Computer Engineering and the Institute of Engineering and Science of Bilkent University, 2009. | en_US |
| dc.description | Thesis (Master's) -- Bilkent University, 2009. | en_US |
| dc.description | Includes bibliographical references leaves 60-63. | en_US |
| dc.description.abstract | Malware is one of the biggest problems of the world of bits and bytes. Generally malware does activities a user normally does not do, such as becoming part of a virtual army or submitting confidential data of the user to the malware author. There are publicly available analysis services for unknown binaries. Sandbox analysis is performed by execution of an untrusted binary in an isolated environment. It is a very common technique for malware research. Publicly available sandbox analysis platforms help users to see traces of the execution without harming their system. Also it helps owners of the sandbox to collect malware and makes the job of analysts easier. One major problem of the public sandbox testing is that malware authors can also benefit from analysis of sandboxes. If they can identify sandbox systems they can hide malicious behavior. This thesis presents the publicly used Anubis sandbox, detection mechanisms used against Anubis[3], further possible detection mechanisms and our efforts for hiding fingerprint of Anubis from malware and decreasing the resulting false negative rates for the malware detection. | en_US |
| dc.description.degree | M.S. | en_US |
| dc.description.statementofresponsibility | Uğurlu, Ömer Sezgin | en_US |
| dc.format.extent | xii, 75 leaves | en_US |
| dc.identifier.itemid | B117987 | |
| dc.identifier.uri | http://hdl.handle.net/11693/14949 | |
| dc.language.iso | English | en_US |
| dc.publisher | Bilkent University | en_US |
| dc.rights | info:eu-repo/semantics/openAccess | en_US |
| dc.subject | Malware analysis | en_US |
| dc.subject | Sandbox analysis | en_US |
| dc.subject | Stealth analysis | en_US |
| dc.subject.lcc | TK5105.59 .U48 2009 | en_US |
| dc.subject.lcsh | Computer networks--Security measures. | en_US |
| dc.subject.lcsh | Computer security. | en_US |
| dc.subject.lcsh | Virtual computer systems. | en_US |
| dc.title | Stealth sandbox analysis of malware | en_US |
| dc.type | Thesis | en_US |
Files
Original bundle
1 - 1 of 1