Uğurlu, Ömer Sezgin2016-01-082016-01-082009http://hdl.handle.net/11693/14949Ankara : The Department of Computer Engineering and the Institute of Engineering and Science of Bilkent University, 2009.Thesis (Master's) -- Bilkent University, 2009.Includes bibliographical references leaves 60-63.Malware is one of the biggest problems of the world of bits and bytes. Generally malware does activities a user normally does not do, such as becoming part of a virtual army or submitting confidential data of the user to the malware author. There are publicly available analysis services for unknown binaries. Sandbox analysis is performed by execution of an untrusted binary in an isolated environment. It is a very common technique for malware research. Publicly available sandbox analysis platforms help users to see traces of the execution without harming their system. Also it helps owners of the sandbox to collect malware and makes the job of analysts easier. One major problem of the public sandbox testing is that malware authors can also benefit from analysis of sandboxes. If they can identify sandbox systems they can hide malicious behavior. This thesis presents the publicly used Anubis sandbox, detection mechanisms used against Anubis[3], further possible detection mechanisms and our efforts for hiding fingerprint of Anubis from malware and decreasing the resulting false negative rates for the malware detection.xii, 75 leavesEnglishinfo:eu-repo/semantics/openAccessMalware analysisSandbox analysisStealth analysisTK5105.59 .U48 2009Computer networks--Security measures.Computer security.Virtual computer systems.ThesisB117987