Date of Publication

11-29-2022

Document Type

Master's Thesis

Degree Name

Master of Science in Electronics and Communications Engineering

Subject Categories

Electrical and Computer Engineering

College

Gokongwei College of Engineering

Department/Unit

Electronics And Communications Engg

Thesis Advisor

Argel A. Bandala

Defense Panel Chair

Edwin Sybingco

Defense Panel Member

Ryan Vicerra
Raouf Naguib

Abstract/Summary

This research paper proposes to design and develop a hybrid metamorphic malware analysis system for Portable Executable (PE) malware. PE files are the regular executables, object code, and Dynamic Link Library (DLL) files commonly used in 32-bit and 64-bit versions of Windows operating systems. The problem with undetected PE malware is its ability to install rootkits, worms, trojans, etc. Popular approaches in the literature suggest the use of signature-based detection. Although most studies produce high accuracy, the increasing popularity of metamorphic malware poses a challenge to signature-based detection, as metamorphic malware can rewrite its code to appear benign. Hence, behavior-based detection is more useful in analyzing these types of malware. The downside of this technique is the time it takes to analyze the malware. Hence, this research proposes to design and develop a hybrid analysis system that utilizes both static and dynamic analysis to improve the overall accuracy and processing time of metamorphic PE malware detection. The signature-based detection of the malware will utilize a random forest classifier. The dynamic analysis of the system will utilize sequential learning.

Language

English

Format

Electronic

Keywords

Malware (Computer software)

Embargo Period

7-18-2023
