ETD

Digital archive of theses defended at the University of Pisa

Thesis etd-04062018-152019


Thesis type
Master's degree thesis
Author
BASTONE, CESARE
URN
etd-04062018-152019
Title
Tecniche di machine learning applicate alla malware detection behavior-based (Machine learning techniques applied to behavior-based malware detection)
Department
INFORMATION ENGINEERING
Degree programme
TELECOMMUNICATIONS ENGINEERING
Supervisors
supervisor Prof. Giordano, Stefano
co-supervisor Prof. Pagano, Michele
co-supervisor C.F. (AN) Roatta, Carlo
Keywords
  • machine learning
  • malware detection
Defense session start date
27/04/2018
Availability
Not available for consultation
Release date
27/04/2088
Abstract
In the post-industrial society of Information and Knowledge, ICT technologies transform traditional processes into what is generically called the "digital impact". The devices connected to the network multiply, and with them the motivations behind the newest external threats increase. The world of attackers has radically changed, becoming an increasingly organized environment sustained in new forms. At the same time, this change of scenario has modified offensive techniques, giving rise to new problems such as targeted attacks and Advanced Persistent Threats. Security in distributed systems therefore depends on the evolution of defense paradigms: modern technologies move towards the integration of systems that act at various levels and reflect the stratification of new types of attack. According to annual reports on cybersecurity, malware (malicious software) remains the main threat to be reckoned with. The so-called malware 2.0 integrates different new functions in the various phases of the attack: the prevention and detection of such malicious code is therefore fundamental in countering modern cyber attacks. To perform effective malware detection, it is essential to find within the malicious code some indicators that can automatically drive defense systems. This task can be accomplished by machine learning modules, which, after their training and past experiences, recognize attempts to compromise the system. From this point of view, a useful aspect to study is the behavior of the code. The present thesis aims to validate an approach based on machine learning applied to dynamic behavioral analysis (considering attack actions in a controlled environment), by selecting some distinctive attributes found within malware.
File