Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons


Articles 1 - 9 of 9

Full-Text Articles in Physical Sciences and Mathematics

Support Vector Machines And Metamorphic Malware Detection, Tanuvir Singh May 2015


Master's Projects

Metamorphic malware changes its internal structure with each infection, which makes it challenging to detect. In this research, we test several scoring techniques that have shown promise in metamorphic detection. We then perform a careful robustness analysis by employing morphing strategies that cause each score to fail. Finally, we show that combining scores using a Support Vector Machine (SVM) yields results that are significantly more robust than we obtained using any of the individual scores.


Cryptanalysis Of Classic Ciphers Using Hidden Markov Models, Rohit Vobbilisetty May 2015


Master's Projects

Cryptanalysis is the study of identifying weaknesses in the implementation of cryptographic algorithms. This process would improve the complexity of such algorithms, making the system secure.

In this research, we apply Hidden Markov Models (HMMs) to classic cryptanalysis problems. We show that with sufficient ciphertext, an HMM can be used to break a simple substitution cipher. We also show that when limited ciphertext is available, using multiple random restarts for the HMM increases our chance of successful decryption.


Clustering Versus SVM For Malware Detection, Usha Narra May 2015


Master's Projects

Previous work has shown that we can effectively cluster certain classes of malware into their respective families. In this research, we extend this previous work to the problem of developing an automated malware detection system. We first compute clusters for a collection of malware families. Then we analyze the effectiveness of classifying new samples based on these existing clusters. We compare results obtained using k-means and Expectation Maximization (EM) clustering to those obtained using Support Vector Machines (SVM). Using clustering, we are able to detect some malware families with an accuracy comparable to that of SVMs. One …


A Comparison Of Clustering Techniques For Malware Analysis, Swathi Pai May 2015


Master's Projects

In this research, we apply clustering techniques to the malware detection problem. Our goal is to classify malware as part of a fully automated detection strategy. We compute clusters using the well-known k-means and EM clustering algorithms, with scores obtained from Hidden Markov Models (HMM). The previous work in this area consists of using HMM and k-means clustering technique to achieve the same. The current effort aims to extend it to use EM clustering technique for detection and also compare this technique with the k-means clustering.


Malware Detection Using Dynamic Analysis, Swapna Vemparala May 2015


Master's Projects

In this research, we explore the field of dynamic analysis which has shown promising results in the field of malware detection. Here, we extract dynamic software birthmarks during malware execution and apply machine learning based detection techniques to the resulting feature set. Specifically, we consider Hidden Markov Models and Profile Hidden Markov Models. To determine the effectiveness of this dynamic analysis approach, we compare our detection results to the results obtained by using static analysis. We show that in some cases, significantly stronger results can be obtained using our dynamic approach.


Firefox Add-On For Metamorphic Javascript Malware Detection, Sravan Kumar Reddy Javaji May 2015


Master's Projects

With the increasing use of the Internet, malicious software has more frequently been designed to take control of users' computers for illicit purposes. Cybercriminals are putting a lot of effort into making malware difficult to detect. In this study, we demonstrate how metamorphic JavaScript malware can affect a victim’s machine using a malicious or compromised Firefox add-on. Following the same methodology, we develop another add-on with a static malware detection technique to detect metamorphic JavaScript malware.


Cheating Detection In Online Examinations, Gaurav Kasliwal May 2015


Master's Projects

In this research, we develop and analyze a tool that monitors student browsing activity during an online examination. Our goal is to detect cheating in real time. In our design, a server captures packets using KISMET and detects cheating based on either a whitelist or blacklist of URLs. We provide implementation details and give experimental results, and we analyze various attack strategies. Finally, we show that the system is practical and lightweight in comparison to other available tools.


Static Analysis Of Malicious Java Applets, Nikitha Ganesh May 2015


Master's Projects

In this research, we consider the problem of detecting malicious Java applets, based on static analysis. In general, dynamic analysis is more informative, but static analysis is more efficient, and hence more practical. Consequently, static analysis is preferred, provided we can obtain results comparable to those obtained using dynamic analysis. We conducted experiments with the machine learning technique, Hidden Markov Model (HMM). We show that in some cases a static technique can detect malicious Java applets with greater accuracy than previously published research that relied on dynamic analysis.


Combining Dynamic And Static Analysis For Malware Detection, Anusha Damodaran May 2015


Master's Projects

Well-designed malware can evade static detection techniques, such as signature scanning. Dynamic analysis strips away one layer of obfuscation and hence such an approach can potentially provide more accurate detection results. However, dynamic analysis is generally more costly than static analysis. In this research, we analyze the effectiveness of using dynamic analysis to enhance the training phase, while using only static techniques in the detection phase. Relative to a fully static approach, the additional overhead is minimal, since training is essentially one-time work.