Malware Detection and Cyber Security via Compression
| dc.contributor.advisor | Nicholas, Charles K | |
| dc.contributor.author | Raff, Edward | |
| dc.contributor.department | Computer Science and Electrical Engineering | |
| dc.contributor.program | Computer Science | |
| dc.date.accessioned | 2021-01-29T18:12:36Z | |
| dc.date.available | 2021-01-29T18:12:36Z | |
| dc.date.issued | 2018-01-01 | |
| dc.description.abstract | As society becomes increasingly interconnected and dependent on computing systems, so does the importance of cyber security and the prevention of malware. Beyond just the home computer, smart-phones, routers, printers, and all kinds of devices now run operating systems that could be potentially infected. This represents an explosion in the potential attack surface for a malicious actor. The tools currently available to security professions are improving, but limited. Each tool is designed for one software platform, making their scope limited. Adapting these tools to new platforms and hosts requires years of effort and introduces a significant lag time to protecting any new platforms that will arise in the future. Further, malware often involves an adversary intentionally violating format specification and rules. These violations may be intended to slow reverse engineering efforts, hide intent or attribution, or simply be part of an exploit that is part of the malware's functionality. In this thesis, we develop a new approach for tackling problems related to malware detection and cyber security in general. Specifically, we develop new methods inspired by compression algorithms that support a wide range of tasks. The compression background allows the methods we develop to be applied to any file format, operating system, or platform. This provides a single method which can be used in all circumstances, and dramatically reduces the potential lag time to protect new platforms. Not only does this provide a wide range of flexibility, but we will also show that our approach significantly improves upon the existing methods available to practitioners today. | |
| dc.format | application:pdf | |
| dc.genre | dissertations | |
| dc.identifier | doi:10.13016/m2ivea-dvxb | |
| dc.identifier.other | 11819 | |
| dc.identifier.uri | http://hdl.handle.net/11603/20725 | |
| dc.language | en | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Theses and Dissertations Collection | |
| dc.relation.ispartof | UMBC Graduate School Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.source | Original File Name: Raff_umbc_0434D_11819.pdf | |
| dc.subject | cyber security | |
| dc.subject | domain knowledge | |
| dc.subject | feature engineering | |
| dc.subject | machine learning | |
| dc.subject | malware | |
| dc.title | Malware Detection and Cyber Security via Compression | |
| dc.type | Text | |
| dcterms.accessRights | Distribution Rights granted to UMBC by the author. | |
| dcterms.accessRights | Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission. | |
| dcterms.accessRights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. |