Yu, Chii Heng (2022) Obfuscated computer malware classification based on significant opcode. Masters thesis, Universiti Teknologi Malaysia, Faculty of Engineering - School of Electrical Engineering.
|
PDF
369kB |
Official URL: http://dms.library.utm.my:8080/vital/access/manage...
Abstract
Computer malware has greatly impacted the computer network securities and even personal computer users. Signature-based detection is incapable to recognize the obfuscated computer malware since it is being covered by the obfuscation techniques. Therefore, machine learning is being explored and equipped in the malware detection to withstand the threaten of malware. In fact, there are many features available, i.e., text string to be implemented for malware classification. Nevertheless, opcode could be one of the features owing to its relative smaller data size compared to the text string. In this project, the significant opcodes from the executable malware files are extracted and several machine learning classifiers are compared in terms of classification accuracy and speed, as well as the comparison is done with text string-based detection and signature-based detection. Only significant opcodes are extracted from the malware assembly code whereas the obfuscated malware code is used as testing dataset to observe the performance of classifier models. From the finding, machine learning classification using significant opcode is able to detect obfuscated malware with less time taken as compared to text string feature.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | obfuscated computer malware, opcode, text string |
Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering |
Divisions: | Faculty of Engineering - School of Electrical |
ID Code: | 99642 |
Deposited By: | Yanti Mohd Shah |
Deposited On: | 08 Mar 2023 04:07 |
Last Modified: | 08 Mar 2023 04:07 |
Repository Staff Only: item control page