Malware anti-analysis techniques characterization and detection: anti-disassembly
In the evolving landscape of cybersecurity, the threat posed by malware continues to grow in complexity and sophistication. This thesis focuses on the characterization and detection of malware anti-analysis techniques, specifically anti-disassembly methods. Understanding these techniques is crucial...
| Autor: | |
|---|---|
| Formato: | tesis de maestría |
| Fecha de publicación: | 2024 |
| País: | España |
| Recursos: | Universitat Politècnica de Catalunya (UPC) |
| Repositorio: | UPCommons. Portal del coneixement obert de la UPC |
| Idioma: | inglés |
| OAI Identifier: | oai:upcommons.upc.edu:2117/423082 |
| Acesso em linha: | https://hdl.handle.net/2117/423082 |
| Access Level: | acceso abierto |
| Palavra-chave: | Malware (Computer software) Computer networks -- Security measures Software protection Malware Anti-Analysis Techniques Anti-Disassembly YARA rules Techniques Characterization and Detection Programari maliciós Ordinadors, Xarxes d' -- Mesures de seguretat Programari -- Protecció Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors |
| Resumo: | In the evolving landscape of cybersecurity, the threat posed by malware continues to grow in complexity and sophistication. This thesis focuses on the characterization and detection of malware anti-analysis techniques, specifically anti-disassembly methods. Understanding these techniques is crucial for developing effective countermeasures against malware that attempts to evade detection by security analysts. This research delves into the various methods employed by malware to avoid disassembly and analysis. The thesis also explores the application and importance of YARA rules in identifying and mitigating these anti- analysis techniques. YARA, a powerful tool for malware research, allows for the creation of customizable rules that can detect specific patterns and behaviors associated with malicious software. Through this study, we aim to enhance the detection capabilities of cybersecurity tools and provide a robust framework for defending against sophisticated malware's techniques of obfuscation. |
|---|