ETD system

Electronic theses and dissertations repository


Thesis etd-04062018-152019

Thesis type
Master's degree thesis
Machine learning techniques applied to behavior-based malware detection (Tecniche di machine learning applicate alla malware detection behavior-based)
Degree programme
supervisor Prof. Giordano, Stefano
co-supervisor Prof. Pagano, Michele
co-supervisor C.F. (AN) Roatta, Carlo
Keywords
  • malware detection
  • machine learning
Graduation session start date
Access withheld ex officio
Abstract
In the post-industrial society of Information and Knowledge, ICT transforms traditional processes into what is generically called the "digital impact". The devices connected to the network multiply, and with them the motivations behind new external threats increase. The world of attackers has changed radically, becoming an increasingly organized and sustained environment that takes new forms. This change of scenario has in turn modified offensive techniques, giving rise to new problems such as targeted attacks and Advanced Persistent Threats. Security in distributed systems therefore depends on the evolution of defense paradigms: modern technologies move towards the integration of systems that act at various levels and reflect the stratification of new types of attack. According to annual reports on cybersecurity, malware (malicious software) remains the main threat to be reckoned with. So-called malware 2.0 integrates different new functions in the various phases of the attack, so the prevention and detection of such malicious code is fundamental in countering modern cyber attacks. To detect malware effectively, it is essential to find within the malicious code some indicators that can automatically drive defense systems. This task can be accomplished by machine learning modules which, after training on past experience, recognize attempts to compromise the system. From this point of view, a useful aspect to study is the behavior of the code. This thesis aims to validate an approach based on machine learning applied to dynamic behavioral analysis (considering attack actions in a controlled environment), by selecting some distinctive attributes found within malware.