Abstract: These days, the Internet faces a mounting threat from malicious software developers. Almost every day, a new piece of malware makes headline news, demanding ransoms and disrupting crucial services such as power supply and healthcare. There is an urgent need to protect against such malware and defend our critical cyber infrastructure from these attacks. Manual malware analysis is not sufficient because of the huge number of such cases. As a result, automated yet efficient malware analysis is much needed. Malware classification powered by a multi-path execution engine will be a great weapon for the computer security industry. In this thesis, we present various feature engineering techniques that have led to great improvements in the classification of executables into malware families. Furthermore, we present a GDB extension tool to facilitate symbolic execution of binaries, primarily for extracting features through multiple path execution.
MTech Thesis Defences
Vineet Purswani, 12807813