A genetic-algorithm-based solution for HTTP-based malware signature generation
| dc.contributor.advisor | Ghorbani, Ali | |
| dc.contributor.author | Pourafshar, Amir | |
| dc.date.accessioned | 2023-03-01T16:52:08Z | |
| dc.date.available | 2023-03-01T16:52:08Z | |
| dc.date.issued | 2014 | |
| dc.date.updated | 2016-11-01T00:00:00Z | |
| dc.description.abstract | The rise in prevalence of malwares has become the most serious threat to Internet security. In order to minimize the devastating impact of this threat many malware detection strategies and systems have been developed, in recent years. This thesis presents a novel malware signature generation and evolution system to detect never-before-seen malwares. We focus on automatic generation of evolved signatures for HTTP-based malware traces based on features and the structure of currently known malwares. The idea is that we can evolve signatures of known malwares to predict the structure of future malware traces since they usually inherit some of their characteristics and structure from their predecessors. We implemented a proof-of-concept version of our proposed evolutionary signature generation system. Datasets of malicious and legitimate network traffic have been used to evaluate the proposed system. Results from performed experiments show the system's ability in detecting an acceptable portion of new, unknown malware samples while maintaining a low false alarm rate. Using the base and evolved signatures together increased the average detection rate of the unknown malicious traces from 38:4% to 50:8%. This improvement happens while the average false positive rate of the evolved signature sets is 2:7 * 10‾³. | |
| dc.description.copyright | © Amir Pourafshar, 2014 | |
| dc.description.note | Electronic Only. (UNB thesis number) Thesis 9385. (OCoLC) 961805552. | |
| dc.description.note | M.C.S., University of New Brunswick, Faculty of Computer Science, 2014. | |
| dc.format | text/xml | |
| dc.format.extent | x, 109 pages | |
| dc.format.medium | electronic | |
| dc.identifier.oclc | (OCoLC) 961805552 | |
| dc.identifier.other | Thesis 9385 | |
| dc.identifier.uri | https://unbscholar.lib.unb.ca/handle/1882/14592 | |
| dc.language.iso | en_CA | |
| dc.publisher | University of New Brunswick | |
| dc.rights | http://purl.org/coar/access_right/c_abf2 | |
| dc.subject.discipline | Computer Science | |
| dc.subject.lcsh | Malware (Computer software) | |
| dc.subject.lcsh | Genetic algorithms. | |
| dc.subject.lcsh | Digital signatures. | |
| dc.title | A genetic-algorithm-based solution for HTTP-based malware signature generation | |
| dc.type | master thesis | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.fullname | Master of Computer Science | |
| thesis.degree.grantor | University of New Brunswick | |
| thesis.degree.level | masters | |
| thesis.degree.name | M.C.S. |
Files
Original bundle
1 - 1 of 1