Persistent Link:
http://hdl.handle.net/10150/614237
Title:
ENVIRONMENTAL MONITORING DETECTOR
Author:
STEPHENS, JON BARTON
Issue Date:
2016
Publisher:
The University of Arizona.
Rights:
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Abstract:
Malware authors have developed many techniques that allow a malicious program to change its behavior, many of which require information from the computing environment. To fully understand how malware will affect a system, all behaviors it can exhibit need to be examined, so tools are needed that can expose when malware uses information from its environment to change its behavior. This project created such a tool called the environmental monitoring detector that will run a malicious program and search for cases of environmental monitoring while the malware is running. The tool is able to detect when a program uses environmental information to conditionally change its execution path; however, it has been found to be ineffective against obfuscated programs due to the lack of instruction specific taint propagation policies.
Type:
text; Electronic Thesis
Degree Name:
B.S.
Degree Level:
Bachelors
Degree Program:
Honors College; Computer Science
Degree Grantor:
University of Arizona
Advisor:
Debray, Saumya K.

Full metadata record

DC FieldValue Language
dc.language.isoen_USen
dc.titleENVIRONMENTAL MONITORING DETECTORen_US
dc.creatorSTEPHENS, JON BARTONen
dc.contributor.authorSTEPHENS, JON BARTONen
dc.date.issued2016-
dc.publisherThe University of Arizona.en
dc.rightsCopyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.en
dc.description.abstractMalware authors have developed many techniques that allow a malicious program to change its behavior, many of which require information from the computing environment. To fully understand how malware will affect a system, all behaviors it can exhibit need to be examined, so tools are needed that can expose when malware uses information from its environment to change its behavior. This project created such a tool called the environmental monitoring detector that will run a malicious program and search for cases of environmental monitoring while the malware is running. The tool is able to detect when a program uses environmental information to conditionally change its execution path; however, it has been found to be ineffective against obfuscated programs due to the lack of instruction specific taint propagation policies.en
dc.typetexten
dc.typeElectronic Thesisen
thesis.degree.nameB.S.en
thesis.degree.levelBachelorsen
thesis.degree.disciplineHonors Collegeen
thesis.degree.disciplineComputer Scienceen
thesis.degree.grantorUniversity of Arizonaen
dc.contributor.advisorDebray, Saumya K.en
All Items in UA Campus Repository are protected by copyright, with all rights reserved, unless otherwise indicated.