Identifying malware using n-gram clustering metrics

Posted on:2015-05-08

Degree:M.S

Type:Thesis

University:University of Maryland, Baltimore County

Candidate:Dowd, Christopher Ryan

Full Text:PDF

GTID:2478390020451291

Subject:Computer Science

Abstract/Summary:

We identify a new method for detecting malware within a network that can be processed in linear time. In the digital age, more files are transferred between individuals and systems that have the potential to contain malignant processes. Traditional malware detection and analysis is performed by signature based operations or by hashing current files. A malicious attacker can quickly change found signatures or change various processes to defeat hash based detection. We need a way to quickly identify malicious files to stage them for quarantine and further analysis.;In this thesis we observe the previous methods used to detect malware and develop a new process to identify malware using n-gram analysis to cluster malware specimens by their similarity to each other. Specimens from a well-known malware family are used in this demonstration.

Keywords/Search Tags:

Malware, Identify

Related items

1	Research On Malware Variant Detection Technology Based On Convolutional Neural Network
2	Network Radar System
3	Research On Key Technology Of Malware Detection
4	Definition Of File Malware And Research And Implementation Of Defense Method
5	Research And Implementation Of Critical Techniques In Malware Detection Based On Decompilation
6	The Web Hung Horse Detection System Design And Implementation,
7	Construction And Implementation Of Information Extraction And Knowledge Graph Display System Of Malware
8	Android Malware Detection Based On Semantic Attributes
9	Malware Detection Based On Ontology
10	Android Malware Detection And Analysis Of Malware Behavior