Malware Anti-Analysis Techniques Characterization and Detection: Anti-Debug

This Master's Thesis investigates and compiles anti-analysis techniques used by malware developers to evade debugging, based on Cyber Threat Intelligence sources. The primary objective is to characterize these anti-debugging techniques and develop specific YARA rules to detect each one. These Y...

Descripción completa

Detalles Bibliográficos
Autor: Prats Alvarez, Teo
Tipo de recurso: tesis de maestría
Fecha de publicación:2024
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/422928
Acceso en línea:https://hdl.handle.net/2117/422928
Access Level:acceso abierto
Palabra clave:Computer security
Malware
YARA
Anti-debugging
Anti-Analysis
Seguretat informàtica
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descripción
Sumario:This Master's Thesis investigates and compiles anti-analysis techniques used by malware developers to evade debugging, based on Cyber Threat Intelligence sources. The primary objective is to characterize these anti-debugging techniques and develop specific YARA rules to detect each one. These YARA rules will be validated using malware sample databases and subsequently shared with the cybersecurity community. The research provides a comprehensive overview of current anti-debugging strategies and offers practical tools to enhance malware detection, thereby contributing to improved protection against cyber threats.