• Login
    View Item 
    •   SU+ Home
    • Research and Publications
    • Faculty of Information Technology (FIT)
    • FIT Projects, Theses and Dissertations
    • MSc.ISS Theses and Dissertations
    • MSc.ISS Theses and Dissertations (2019)
    • View Item
    •   SU+ Home
    • Research and Publications
    • Faculty of Information Technology (FIT)
    • FIT Projects, Theses and Dissertations
    • MSc.ISS Theses and Dissertations
    • MSc.ISS Theses and Dissertations (2019)
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Developing an automated malware detection, analysis and reporting tool for MS-Windows

    Thumbnail
    View/Open
    Full-text thesis (3.100Mb)
    Date
    2019
    Author
    Mutyethau, David Matingi
    Metadata
    Show full item record
    Abstract
    Memory and computer forensics is a field that has witnessed a lot of advancements in the recent past. Memory forensics enables investigators acquire and investigate the content of a computer’s RAM while computer forensics enable the investigator to acquire information from the hard drive. While valuable artifacts can be extracted from computers, the use of this technique presents several challenges, such as, data acquisition, searching for artifacts and data analysis of extracted information. The variants of malware families share typical behavioral patterns reflecting their origin and purpose. The behavioral patterns obtained either statically or dynamically can be exploited to detect and classify unknown malwares into their known families using machine learning techniques. This dissertation aims to create a malware detection, analysis and reporting tool that shall be open source, user friendly, intuitive and automated for MS Windows. The tool shall assist forensic investigators in discovering crucial information in the suspect computer such as malware present. The tool shall analyse content stored in the computer’s hard drive and captured memory images. This shall include analysis of single files, folders, hard disk partitions and the entire hard disk. For live memory, the tool shall aim to determine processes and files that were open or present at time of live analysis.
    URI
    http://hdl.handle.net/11071/6782
    Collections
    • MSc.ISS Theses and Dissertations (2019) [6]

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV
     

     

    Browse

    All of SU+Communities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    Login

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV