Malware attribution
The report presents the final year project to design and develop an application that performs malware attribution. Malware attributions are critical pieces of Indicators of Compromise (IOC) data that facilitate the mapping and establishment of an observed cyber-attack. The tool aims to perform a...
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | 2018 |
Subjects: | |
Online Access: | http://hdl.handle.net/10356/74012 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-74012 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-74012 2023-03-03T20:54:05Z Malware attribution Foo, Ce Zhi Lam Kwok Yan School of Computer Science and Engineering DRNTU::Engineering Bachelor of Engineering (Computer Science) 2018-04-23T07:06:11Z 2018-04-23T07:06:11Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74012 en Nanyang Technological University 127 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering |
description |
The report presents the final year project to design and develop an application that performs malware attribution. Malware attributions are critical pieces of Indicators of Compromise (IOC) data that facilitate the mapping and establishment of an observed cyber-attack. The tool aims to perform a malware attribution of an input file and subsequently output the analysis in a report according to a determined threat intel format. The purpose of the report is sharing and collaboration within the community.
Before the project started, research and study were carried out to determine the tools and techniques that the application should adopt.
The developed application involves a number of virtual machines, machine learning techniques and macros to facilitate the automated process of keeping the dataset collection updated. A dataset consisting of a total of 310 malware and non-malware samples was analysed on a Windows operating system and used for machine learning. Together with the pool of analysed training data and the integration of other components, the developed application was able to achieve a prediction accuracy of 98% in determining whether a file is malware.
The accuracy of the prediction was significant in enabling the right report output and outcome for the users. With an accurate report, cybersecurity professionals and individuals from the community can develop countermeasures to address the attack. |
author2 |
Lam Kwok Yan |
author_facet |
Lam Kwok Yan Foo, Ce Zhi |
format |
Final Year Project |
author |
Foo, Ce Zhi |
author_sort |
Foo, Ce Zhi |
title |
Malware attribution |
publishDate |
2018 |
url |
http://hdl.handle.net/10356/74012 |
_version_ |
1759857404038610944 |