Automatic removal of malicious code fragments from infected host software
At a time when mobile security is of paramount importance, this project aims to investigate how, instead of quarantining malware samples upon detection, modifications to the application can be made such that only the malicious sections of the application’s code are removed. By analysing the malware...
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | 2018 |
Subjects: | |
Online Access: | http://hdl.handle.net/10356/74205 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-74205 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-74205 2023-03-03T20:47:15Z Automatic removal of malicious code fragments from infected host software Chan, Jeremy Mun Jung Lin Shang-Wei School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering At a time when mobile security is of paramount importance, this project aims to investigate how, instead of quarantining malware samples upon detection, modifications to the application can be made such that only the malicious sections of the application’s code are removed. By analysing the malware and removing the malicious section, the application will hence be safe to use. Firstly, the project examines how malware runs and steals information on Android Operating Systems. Using the results of this analysis, the project then develops a program named AndroidMalwareModifier, which aids in the cleaning of suspicious applications and the subsequent removal of the malicious sections of the code. AndroidMalwareModifier thus leaves the application’s main functionalities intact and runnable, removing any traces of the malicious code. This report also summarizes the test results of using AndroidMalwareModifier to analyse a malware dataset provided by the Android Malware Genome Project. The test results also showed the efficiency of AndroidMalwareModifier on the malware dataset, where 74% of the malware samples tested were successfully modified. The other 26% failed the modification due to outlying exploits not covered by AndroidMalwareModifier, such as malware that aims to bloat devices rather than stealing information. Lastly, this project explains the technical process of removing the malicious code from these applications in hopes that further research can be conducted to allow AndroidMalwareModifier to modify and clean several new malware types that may appear in the future.
Bachelor of Engineering (Computer Science) 2018-05-08T04:54:22Z 2018-05-08T04:54:22Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74205 en Nanyang Technological University 93 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering::Computer science and engineering |
spellingShingle |
DRNTU::Engineering::Computer science and engineering Chan, Jeremy Mun Jung Automatic removal of malicious code fragments from infected host software |
description |
At a time when mobile security is of paramount importance, this project aims to investigate how, instead of quarantining malware samples upon detection, modifications to the application can be made such that only the malicious sections of the application’s code are removed. By analysing the malware and removing the malicious section, the application will hence be safe to use.
Firstly, the project examines how malware runs and steals information on Android Operating Systems. Using the results of this analysis, the project then develops a program named AndroidMalwareModifier, which aids in the cleaning of suspicious applications and the subsequent removal of the malicious sections of the code. AndroidMalwareModifier thus leaves the application’s main functionalities intact and runnable, removing any traces of the malicious code.
This report also summarizes the test results of using AndroidMalwareModifier to analyse a malware dataset provided by the Android Malware Genome Project. The test results also showed the efficiency of AndroidMalwareModifier on the malware dataset, where 74% of the malware samples tested were successfully modified. The other 26% failed the modification due to outlying exploits not covered by AndroidMalwareModifier, such as malware that aims to bloat devices rather than stealing information.
Lastly, this project explains the technical process of removing the malicious code from these applications in hopes that further research can be conducted to allow AndroidMalwareModifier to modify and clean several new malware types that may appear in the future. |
author2 |
Lin Shang-Wei |
author_facet |
Lin Shang-Wei Chan, Jeremy Mun Jung |
format |
Final Year Project |
author |
Chan, Jeremy Mun Jung |
author_sort |
Chan, Jeremy Mun Jung |
title |
Automatic removal of malicious code fragments from infected host software |
title_short |
Automatic removal of malicious code fragments from infected host software |
title_full |
Automatic removal of malicious code fragments from infected host software |
title_fullStr |
Automatic removal of malicious code fragments from infected host software |
title_full_unstemmed |
Automatic removal of malicious code fragments from infected host software |
title_sort |
automatic removal of malicious code fragments from infected host software |
publishDate |
2018 |
url |
http://hdl.handle.net/10356/74205 |
_version_ |
1759857441676197888 |