A Framework for Enabling Static Detection and Classification of PE Malware

dc.contributor.author Zain Nawaz, 01-247212-017
dc.date.accessioned 2023-12-19T05:40:07Z
dc.date.available 2023-12-19T05:40:07Z
dc.date.issued 2023
dc.identifier.uri http://hdl.handle.net/123456789/16847
dc.description Supervised by Dr. Faisal Bashir en_US
dc.description.abstract Over the preceding years, the proliferation of malware on PC platforms, particularly on Windows OS, has become notably more severe. To counter the propagation of numerous malware variations, the implementation of ML classifiers for identifying malicious PE files has been suggested, aiming for autonomous categorization. Recent advancements in computer systems have transitioned human experiences from the physical to virtual realms, a shift that has been accelerated by the Covid-19 pandemic. Similarly, the interest of cybercriminals has pivoted from real-world to virtual environments. This transition is driven by the greater ease of committing cybercrimes in the digital realm compared to the physical world. Cyber attackers often utilize malicious software (malware) to execute cyber assaults. The evolution of malware variants continues through the utilization of sophisticated obfuscation and packing techniques. Conventional artificial intelligence (AI), particularly traditional ML algorithms, struggles to effectively identify novel and intricate malware variants. Embracing a distinct paradigm from traditional ML algorithms, the deep learning (DL) approach offers a promising avenue to address the challenge of detecting diverse malware variants. This study introduces an innovative deep learning architecture (LSTM) designed to categorize malware variations based on features extracted from function call graphs (FCGs). A particularly demanding task involves the selection of pertinent features from extensive datasets, ensuring that the classification model can be constructed with enhanced efficiency and accuracy. This research serves a dual purpose: first, to conduct a comprehensive overview of prevailing classification and detection methodologies; second, to devise an automated system for the detection and categorization of malicious Portable Executable files. This classification relies on function call graphs, emphasizing efficiency without sacrificing accuracy. Additionally, an aspiration of this study is to extend its scope to encompass the classification of malware families through the utilization of a deep learning model. en_US
dc.language.iso en en_US
dc.publisher Computer Sciences en_US
dc.relation.ispartofseries MS (IS);T-02082
dc.subject Framework en_US
dc.subject Enabling Static Detection en_US
dc.subject Classification of PE Malware en_US
dc.title A Framework for Enabling Static Detection and Classification of PE Malware en_US
dc.type Thesis en_US

