dc.contributor.advisor: Zhou, Xiaobo
dc.contributor.author: Upchurch, Jason R.
dc.contributor.committeemember: Chow, Edward
dc.contributor.committeemember: Rao, Jia
dc.contributor.committeemember: Lewis, Rory
dc.contributor.committeemember: Fulton, Steven
dc.date.accessioned: 2016-05-10T22:46:13Z
dc.date.available: 2016-11-06T04:39:28Z
dc.date.submitted: 2016-05
dc.description: Includes bibliographical references.
dc.description.abstract: Detecting code reuse in software has applications in malicious code analysis and malware code search and retrieval, but is complicated by the lack of available source code. Malware Provenance examines the difficulties in detecting code reuse in malware, particularly concerning the transformative processes during compilation. The thesis proposes methods of normalization to allow for code reuse detection within compiled x86 malicious software. It examines a method for filtering as well as visualizing results of similarity uncovered in the process. The thesis proposes a method to conduct similarity measurements that is O(n log n) for all-pairs comparisons. The approaches, contained within, also allow for the creation of signatures of supersets as well as malware variants, which allow Malware Provenance to function, as not only a code reuse detection approach, but also an accurate and fast method to detect malware family variants. Experimental results show that Malware Provenance is advantageous in detection accuracy and comparison time.
dc.identifier: Upchurch_uccs_0892D_10154.pdf
dc.identifier.uri: http://hdl.handle.net/10976/166579
dc.language: English
dc.publisher: University of Colorado Colorado Springs. Kraemer Family Library
dc.rights: Copyright of the original work is retained by the author.
dc.rights.access: Embargo Expires: 11/06/2016
dc.subject: detection
dc.subject: malware
dc.subject: security
dc.subject: similarity
dc.subject: software
dc.title: Malware provenance : detecting code reuse in malicious software
dc.type: Thesis
dcterms.embargo.expires: 2016-11-06
thesis.degree.discipline: College of Engineering and Applied Science-Computer Science
thesis.degree.grantor: University of Colorado Colorado Springs
thesis.degree.level: Doctoral
thesis.degree.name: Doctor of Philosophy (Ph.D.)

