
ETD

Digital archive of theses defended at the University of Pisa

Thesis etd-04042023-160108


Thesis type
Master's degree thesis
Author
PETRI, PAOLA
URN
etd-04042023-160108
Title
Implementation of an automated malware analysis system based on evidence gathered from a honeypot
Department
INGEGNERIA DELL'INFORMAZIONE
Degree programme
CYBERSECURITY
Supervisors
supervisor Dini, Gianluca
supervisor Chessa, Stefano
tutor Proscia, Alessandro
Keywords
  • malware
  • honeypot
  • yara
  • regular expressions
  • binary files
Session start date
28/04/2023
Availability
Thesis not available for consultation
Abstract
The aim of the thesis project is to create an automated tool that generates YARA rules from evidence collected by a honeypot. The honeypot serves as a source of samples of attacks or attempted attacks; using YARA and regular expressions, their constituent elements, such as IP addresses or URLs, can be extracted. The honeypot files are thus useful for studying attacker behavior, and with this implementation a large amount of information can be collected automatically so that YARA can use it for file analysis in the future.