A genetic-algorithm-based solution for HTTP-based malware signature generation

dc.contributor.advisorGhorbani, Ali
dc.contributor.authorPourafshar, Amir
dc.date.accessioned2023-03-01T16:52:08Z
dc.date.available2023-03-01T16:52:08Z
dc.date.issued2014
dc.date.updated2016-11-01T00:00:00Z
dc.description.abstractThe rise in prevalence of malwares has become the most serious threat to Internet security. In order to minimize the devastating impact of this threat many malware detection strategies and systems have been developed, in recent years. This thesis presents a novel malware signature generation and evolution system to detect never-before-seen malwares. We focus on automatic generation of evolved signatures for HTTP-based malware traces based on features and the structure of currently known malwares. The idea is that we can evolve signatures of known malwares to predict the structure of future malware traces since they usually inherit some of their characteristics and structure from their predecessors. We implemented a proof-of-concept version of our proposed evolutionary signature generation system. Datasets of malicious and legitimate network traffic have been used to evaluate the proposed system. Results from performed experiments show the system's ability in detecting an acceptable portion of new, unknown malware samples while maintaining a low false alarm rate. Using the base and evolved signatures together increased the average detection rate of the unknown malicious traces from 38:4% to 50:8%. This improvement happens while the average false positive rate of the evolved signature sets is 2:7 * 10‾³.
dc.description.copyright© Amir Pourafshar, 2014
dc.description.noteElectronic Only. (UNB thesis number) Thesis 9385. (OCoLC) 961805552.
dc.description.noteM.C.S., University of New Brunswick, Faculty of Computer Science, 2014.
dc.formattext/xml
dc.format.extentx, 109 pages
dc.format.mediumelectronic
dc.identifier.oclc(OCoLC) 961805552
dc.identifier.otherThesis 9385
dc.identifier.urihttps://unbscholar.lib.unb.ca/handle/1882/14592
dc.language.isoen_CA
dc.publisherUniversity of New Brunswick
dc.rightshttp://purl.org/coar/access_right/c_abf2
dc.subject.disciplineComputer Science
dc.subject.lcshMalware (Computer software)
dc.subject.lcshGenetic algorithms.
dc.subject.lcshDigital signatures.
dc.titleA genetic-algorithm-based solution for HTTP-based malware signature generation
dc.typemaster thesis
thesis.degree.disciplineComputer Science
thesis.degree.fullnameMaster of Computer Science
thesis.degree.grantorUniversity of New Brunswick
thesis.degree.levelmasters
thesis.degree.nameM.C.S.

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
item.pdf
Size:
1.56 MB
Format:
Adobe Portable Document Format