Physical Sciences and Mathematics Commons^™

Image-Based Malware Classification With Convolutional Neural Networks And Extreme Learning Machines, Mugdha Jain

Master's Projects

Research in the field of malware classification often relies on machine learning models that are trained on high level features, such as opcodes, function calls, and control flow graphs. Extracting such features is costly, since disassembly or code execution is generally required. In this research, we conduct experiments to train and evaluate machine learning models for malware classification, based on features that can be obtained without disassembly or execution of code. Specifically, we visualize malware samples as images and employ image analysis techniques. In this context, we focus on two machine learning models, namely, Convolutional Neural Networks (CNN) and Extreme …

Hot Fusion Vs Cold Fusion For Malware Detection, Snehal Bichkar

Master's Projects

A fundamental problem in malware research consists of malware detection, that is, dis- tinguishing malware samples from benign samples. This problem becomes more challeng- ing when we consider multiple malware families. A typical approach to this multi-family detection problem is to train a machine learning model for each malware family and score each sample against all models. The resulting scores are then used for classification. We refer to this approach as “cold fusion,” since we combine previously-trained models—no retraining of these base models is required when additional malware families are considered. An alternative approach is to train a single model …

Sql Injection Detection Using Machine Learning, Sonali Mishra

Master's Projects

Sharing information over the Internet over multiple platforms and web-applications has become a quite common phenomenon in the recent times. The web-based applications that accept critical information from users store this information in databases. These applications and the databases connected to them are susceptible to all kinds of information security threats due to being accessible through the Internet. The threats include attacks such as Cross Side Scripting (CSS), Denial of Service Attack (DoS0, and Structured Query Language (SQL) Injection attacks. SQL Injection attacks fall under the top ten vulnerabilities when we talk about web-based applications. Through this kind of attack, …

Intelligent Log Analysis For Anomaly Detection, Steven Yen

Master's Projects

Computer logs are a rich source of information that can be analyzed to detect various issues. The large volumes of logs limit the effectiveness of manual approaches to log analysis. The earliest automated log analysis tools take a rule-based approach, which can only detect known issues with existing rules. On the other hand, anomaly detection approaches can detect new or unknown issues. This is achieved by looking for unusual behavior different from the norm, often utilizing machine learning (ML) or deep learning (DL) models. In this project, we evaluated various ML and DL techniques used for log anomaly detection. We …

Breaking Audio Captcha Using Machine Learning/Deep Learning And Related Defense Mechanism, Heemany Shekhar

Master's Projects

CAPTCHA is a web-based authentication method used by websites to distinguish between humans (valid users) and bots(attackers). Audio captcha is an accessible captcha meant for the visually disabled section of users such as color-blind, blind, near-sighted users. In this project, I analyzed the security of audio captchas from attacks that employ machine learning and deep learning models. Audio captchas of varying lengths (5, 7 and 10) and varying background noise (no noise, medium noise or high noise) were analyzed. I found that audio captchas with no background noise or medium background noise were easily attacked with 99% - 100% accuracy. …

Measuring Malware Evolution Using Support Vector Machines, Mayuri Wadkar

Master's Projects

Malware is software that is designed to do harm to computer systems. Malware often evolves over a period of time as malware developers add new features and fix bugs. Thus, malware samples from the same family from different time periods can exhibit significantly different behavior. Differences between malware samples within a single family can originate from various code modifications designed to evade signature-based detection or changes that are made to alter the functionality of the malware itself. In this research, we apply feature ranking based on linear support vector machine (SVM) weights to identify, quantify, and track changes within malware …

Malware Analysis On Pdf, Shubham Shashishekhar Pachpute

Master's Projects

Cyber-attacks are growing day by day and attackers are finding new techniques to cause harm to their target by spreading worms and malware. In the world of innovations and new technologies coming out every day, it creates a possibility of attacking a system and exploiting the vulnerabilities present in the system. One of the methods used for the spread of malware is the Portable Document Format (PDF) files. Due to the flexible nature of these files, it is becoming a sweet spot for the attackers to embed the malware easily into the PDF files. In this report, we are going …

Contract Builder Ethereum Application, Colin M. Fowler

Master's Projects

Developments in Blockchain, smart contract, and decentralized application (“dApps”) technology have enabled new types of software that can improve efficiency within law firms by increasing speed at which attorneys may draft and execute contracts. Smart contracts and dApps are self-executing software that reside on a blockchain. Custom smart contracts can be built in a modular manner in order to emulate contracts that are commonly generated and executed in law firms. Such contracts include those for the transfer of services, goods, and title. This article explores exactly how implementations of smart contracts for law firms may look.

Multifamily Malware Models, Samanvitha Basole

Master's Projects

When training a machine learning model, there is likely to be a tradeoff between the accuracy of the model and the generality of the dataset. Previous research has shown that if we train a model to detect one specific malware family, we obtain stronger results as compared to a case where we train a single model on multiple diverse families. During the detection phase, it would be more efficient to have a single model that could detect multiple families, rather than having to score each sample against multiple models. In this research, we conduct experiments to quantify the relationship between …

Smartphone Gesture-Based Authentication, Preethi Sundaravaradhan

Master's Projects

In this research, we consider the problem of authentication on a smartphone based on gestures, that is, movements of the phone. Accelerometer data from a number of subjects was collected and we analyze this data using a variety of machine learning techniques, including support vector machines (SVM) and convolutional neural networks (CNN). We analyze both the fraud rate (or false accept rate) and insult rate (or false reject rate) in each case.

Machine Learning Versus Deep Learning For Malware Detection, Parth Jain

Master's Projects

It is often claimed that the primary advantage of deep learning is that such models can continue to learn as more data is available, provided that sufficient computing power is available for training. In contrast, for other forms of machine learning it is claimed that models ‘‘saturate,’’ in the sense that no additional learning can occur beyond some point, regardless of the amount of data or computing power available. In this research, we compare the accuracy of deep learning to other forms of machine learning for malware detection, as a function of the training dataset size. We experiment with a …

Classification Of Malware Models, Akriti Sethi

Master's Projects

Automatically classifying similar malware families is a challenging problem. In this research, we attempt to classify malware families by applying machine learning to machine learning models. Specifically, we train hidden Markov models (HMM) for each malware family in our dataset. The resulting models are then compared in two ways. First, we treat the HMM matrices as images and experiment with convolutional neural networks (CNN) for image classification. Second, we apply support vector machines (SVM) to classify the HMMs. We analyze the results and discuss the relative advantages and disadvantages of each approach.

Earmarked Utxo For Escrow Services And Two-Factor Authentication On The Blockchain, Jisha Pillai

Master's Projects

The security of accounts on the blockchain relies on securing private keys, but they are often lost or compromised due to loopholes in key management strategies or due to human error. With an increasing number of thefts in the last few years due to compromised wallets, the security of digital currency has become a significant concern, and no matter how sophisticated and secure mechanisms are put in place to avoid the security risks, it is impossible to achieve a 100% human compliance.

This project introduces a novel concept of Earmarked Unspent Transaction Outputs (EUTXOs). EUTXOs enable every user on the …

Javascript Metamorphic Malware Detection Using Machine Learning Techniques, Aakash Wadhwani

Master's Projects

Various factors like defects in the operating system, email attachments from unknown sources, downloading and installing a software from non-trusted sites make computers vulnerable to malware attacks. Current antivirus techniques lack the ability to detect metamorphic viruses, which vary the internal structure of the original malware code across various versions, but still have the exact same behavior throughout. Antivirus software typically relies on signature detection for identifying a virus, but code morphing evades signature detection quite effectively.

JavaScript is used to generate metamorphic malware by changing the code’s Abstract Syntax Tree without changing the actual functionality, making it very difficult …

Classifying Classic Ciphers Using Machine Learning, Nivedhitha Ramarathnam Krishna

Master's Projects

We consider the problem of identifying the classic cipher that was used to generate a given ciphertext message. We assume that the plaintext is English and we restrict our attention to ciphertext consisting only of alphabetic characters. Among the classic ciphers considered are the simple substitution, Vigenère cipher, playfair cipher, and column transposition cipher. The problem of classification is approached in two ways. The first method uses support vector machines (SVM) trained directly on ciphertext to classify the ciphers. In the second approach, we train hidden Markov models (HMM) on each ciphertext message, then use these trained HMMs as features …

Emulation Vs Instrumentation For Android Malware Detection, Anukriti Sinha

Master's Projects

In resource constrained devices, malware detection is typically based on offline analysis using emulation. In previous work it has been claimed that such emulation fails for a significant percentage of Android malware because well-designed malware detects that the code is being emulated. An alternative to emulation is malware analysis based on code that is executing on an actual Android device. In this research, we collect features from a corpus of Android malware using both emulation and on-phone instrumentation. We train machine learning models based on emulated features and also train models based on features collected via instrumentation, and we compare …

Deep Learning For Image Spam Detection, Tazmina Sharmin

Master's Projects

Spam can be defined as unsolicited bulk email. In an effort to evade text-based spam filters, spammers can embed their spam text in an image, which is referred to as image spam. In this research, we consider the problem of image spam detection, based on image analysis. We apply various machine learning and deep learning techniques to real-world image spam datasets, and to a challenge image spam-like dataset. We obtain results comparable to previous work for the real-world datasets, while our deep learning approach yields the best results to date for the challenge dataset.

Assessing Code Obfuscation Of Metamorphic Javascript, Kaushik Murli

Master's Projects

Metamorphic malware is one of the biggest and most ubiquitous threats in the digital world. It can be used to morph the structure of the target code without changing the underlying functionality of the code, thus making it very difficult to detect using signature-based detection and heuristic analysis. The focus of this project is to analyze Metamorphic JavaScript malware and techniques that can be used to mutate the code in JavaScript. To assess the capabilities of the metamorphic engine, we performed experiments to visualize the degree of code morphing. Further, this project discusses potential methods that have been used to …