Asmoro, Andy and Galinium, Maulahikmah and Lim, Charles (2018) Unpacking Code Pattern from Packed Binary Executable Using Execution Unit Pattern Based Sequence Alignment Analysis. Masters thesis, Swiss German University.
Abstract
Software packers have been used effectively to hide the original code inside the binary executable of malware, making it more difficult for existing signature-based antivirus software to detect malicious code inside the executable. The objective of this thesis is to develop a new framework, using memory analysis and DNA sequence analysis, that can identify the packer type and implement a method for extracting the unpacking code from packed malware. Using this method, we can identify the packer type based on similarity, with results from the same packer showing at least 90% similarity. This shows that the method can extract the unpacking code pattern, identify the packer type, and determine the best sequence alignment algorithm.
| Item Type: | Thesis (Masters) |
|---|---|
| Uncontrolled Keywords: | Packed Malware; Memory Forensic; Dynamic Analysis; Evasion Technique |
| Subjects: | Q Science > QA Mathematics > QA76 Computer software; T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5103 Mobile computing > TK5103.4837 Mobile device forensics |
| Divisions: | Faculty of Engineering and Information Technology > Department of Information Technology |
| Depositing User: | Astuti Kusumaningrum |
| Date Deposited: | 11 Jun 2020 17:01 |
| Last Modified: | 11 Jun 2020 17:01 |
| URI: | http://repository.sgu.ac.id/id/eprint/771 |