Behaviour-based Virus Analysis and Detection

dc.contributor.author: Al Amro, Sulaiman
dc.date.accessioned: 2013-12-02T09:48:26Z
dc.date.available: 2013-12-02T09:48:26Z
dc.date.issued: 2013
dc.description.abstract: Every day, the growing number of viruses causes major damage to computer systems, which many antivirus products have been developed to protect. Regrettably, existing antivirus products do not provide a full solution to the problems associated with viruses. One of the main reasons for this is that these products typically use signature-based detection, so that the rapid growth in the number of viruses means that many signatures have to be added to their signature databases each day. These signatures then have to be stored in the computer system, where they consume increasing memory space. Moreover, the large database will also affect the speed of searching for signatures, and, hence, affect the performance of the system. As the number of viruses continues to grow, ever more space will be needed in the future. There is thus an urgent need for a novel and robust detection technique. One of the most encouraging recent developments in virus research is the use of formulae, which provides alternatives to classic virus detection methods. The proposed research uses temporal logic and behaviour-based detection to detect viruses. Interval Temporal Logic (ITL) will be used to generate virus specifications, properties and formulae based on the analysis of the behaviour of computer viruses, in order to detect them. Tempura, which is the executable subset of ITL, will be used to check whether a good or bad behaviour occurs with the help of ITL description and system traces. The process will also use AnaTempura, an integrated workbench tool for ITL that supports our system specifications. AnaTempura will offer validation and verification of the ITL specifications and provide runtime testing of these specifications. (en)
dc.identifier.uri: http://hdl.handle.net/2086/9488
dc.language.iso: en (en)
dc.publisher: De Montfort University (en)
dc.publisher.department: Faculty of Technology (en)
dc.publisher.department: Software Technology Research Laboratory (en)
dc.subject: computer viruses (en)
dc.subject: virus behaviour (en)
dc.subject: API calls (en)
dc.subject: Interval Temporal logic (en)
dc.title: Behaviour-based Virus Analysis and Detection (en)
dc.type: Thesis or dissertation (en)
dc.type.qualificationlevel: Doctoral (en)
dc.type.qualificationname: PhD (en)

Files

Original bundle
Name: Sulaiman_Al_amro's_Thesis.pdf
Size: 3.41 MB
Format: Adobe Portable Document Format
License bundle
Name: license.txt
Size: 4.2 KB
Format: Item-specific license agreed upon to submission