Date of Award:
Master of Science (MS)
Illicit software that seeks to steal user information, deny service, or cause general mayhem on computer networks is often discovered after the damage has been done. The ability to discover network behavior of software before a computer network is utilized would allow administrators to protect and preserve valuable resources. Static reverse engineering is the process of discovering in a offline environment how a software application is built and how it will behave. By automating static reverse engineering, software behavior can be discovered before it is executed on client devices. Fingerprints are then built from the discovered behavior which is matched with known malicious fingerprints to identify potentially dangerous software.
Sinema, Dan, "Automated Reverse Engineering of Malware to Develop Network Signatures to Match with Known Network Signatures" (2014). All Graduate Theses and Dissertations. 3315.