Automate the tracing of Windows System Calls to identify malicious activities
| dc.contributor.advisor | Nicholas, Charles | |
| dc.contributor.author | Goenka, Siddhant | |
| dc.contributor.department | Computer Science and Electrical Engineering | |
| dc.contributor.program | Computer Science | |
| dc.date.accessioned | 2021-01-29T18:13:51Z | |
| dc.date.available | 2021-01-29T18:13:51Z | |
| dc.date.issued | 2019-01-01 | |
| dc.description.abstract | We describe the problems addressed by various malware or malicious applications on the Microsoft Windows Operating System. Our work focuses on automatic the dynamic malware analysis by intercepting Windows system calls that help to cover a larger range of malware, including the newly evolved fileless variants. Intercepting system calls allow us to monitor malicious activities in a way that malicious behavior can be easily identified without the manual efforts of disassembling binaries. The results will show how our work can help in automating the process of API Hooking for the open source community to detect Byzantine behaviors, rather than focusing on improving the detection mechanism. | |
| dc.format | application:pdf | |
| dc.genre | theses | |
| dc.identifier | doi:10.13016/m2nbhs-botu | |
| dc.identifier.other | 12016 | |
| dc.identifier.uri | http://hdl.handle.net/11603/20915 | |
| dc.language | en | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Theses and Dissertations Collection | |
| dc.relation.ispartof | UMBC Graduate School Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.source | Original File Name: Goenka_umbc_0434M_12016.pdf | |
| dc.subject | API hooking | |
| dc.subject | Fileless Malware | |
| dc.subject | Malware | |
| dc.subject | Malware Analysis | |
| dc.subject | system calls | |
| dc.subject | Windows | |
| dc.title | Automate the tracing of Windows System Calls to identify malicious activities | |
| dc.type | Text | |
| dcterms.accessRights | Distribution Rights granted to UMBC by the author. | |
| dcterms.accessRights | Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission. | |
| dcterms.accessRights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. |