Suhandi, Suhandi and Lukas, Lukas and Lim, Charles (2018) Extraction of Malicious Code from Packed Malware using Emulated Environment. Masters thesis, Swiss German University.
Abstract
Malware authors nowadays create new techniques to evade malware analysts. Encryption and compression can defeat static analysis of malware. Binary obfuscation is one of the techniques that applies encryption and compression to malware. In this thesis, a method is proposed to perform dynamic analysis of packed malware, using memory scanning analysis and instruction tracing to extract the hidden code of the malware. By using this method, the unpacking process can be determined exactly and the hidden code can be extracted. Using similarity and entropy as validation techniques helps the analyst determine whether the hidden malicious code has been extracted successfully.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | Packed Malware; Memory Forensic; Dynamic Analysis; Evasion Technique |
Subjects: | H Social Sciences > HV Social pathology. Social and public welfare > HV6773 Computer crimes; T Technology > T Technology (General) > T58.5 Information technology |
Divisions: | Faculty of Engineering and Information Technology > Department of Information Technology |
Depositing User: | Astuti Kusumaningrum |
Date Deposited: | 13 Jul 2020 15:46 |
Last Modified: | 13 Jul 2020 15:46 |
URI: | http://repository.sgu.ac.id/id/eprint/789 |