Automate the tracing of Windows System Calls to identify malicious activities

dc.contributor.advisor: Nicholas, Charles
dc.contributor.author: Goenka, Siddhant
dc.contributor.department: Computer Science and Electrical Engineering
dc.contributor.program: Computer Science
dc.date.accessioned: 2021-01-29T18:13:51Z
dc.date.available: 2021-01-29T18:13:51Z
dc.date.issued: 2019-01-01
dc.description.abstract: We describe the problems addressed by various malware or malicious applications on the Microsoft Windows Operating System. Our work focuses on automating dynamic malware analysis by intercepting Windows system calls, which helps to cover a larger range of malware, including the newly evolved fileless variants. Intercepting system calls allows us to monitor malicious activities in a way that malicious behavior can be easily identified without the manual effort of disassembling binaries. The results will show how our work can help in automating the process of API Hooking for the open source community to detect Byzantine behaviors, rather than focusing on improving the detection mechanism.
dc.format: application:pdf
dc.genre: theses
dc.identifier: doi:10.13016/m2nbhs-botu
dc.identifier.other: 12016
dc.identifier.uri: http://hdl.handle.net/11603/20915
dc.language: en
dc.relation.isAvailableAt: The University of Maryland, Baltimore County (UMBC)
dc.relation.ispartof: UMBC Computer Science and Electrical Engineering Department Collection
dc.relation.ispartof: UMBC Theses and Dissertations Collection
dc.relation.ispartof: UMBC Graduate School Collection
dc.relation.ispartof: UMBC Student Collection
dc.source: Original File Name: Goenka_umbc_0434M_12016.pdf
dc.subject: API hooking
dc.subject: Fileless Malware
dc.subject: Malware
dc.subject: Malware Analysis
dc.subject: system calls
dc.subject: Windows
dc.title: Automate the tracing of Windows System Calls to identify malicious activities
dc.type: Text
dcterms.accessRights: Distribution Rights granted to UMBC by the author.
dcterms.accessRights: Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan through a local library, pending author/copyright holder's permission.
dcterms.accessRights: This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Files

Original bundle

Name: Goenka_umbc_0434M_12016.pdf
Size: 351.24 KB
Format: Adobe Portable Document Format

License bundle

Name: GoenkaSAutomate_Open.pdf
Size: 42.89 KB
Format: Adobe Portable Document Format