Ontology-Based Android Malware Forensics

Gholami, Esmaeil Gholami | 2020

  - Type of Document: M.Sc. Thesis
  - Language: Farsi
  - Document No: 53437 (19)
  - University: Sharif University of Technology
  - Department: Computer Engineering
  - Advisor(s): Amini, Morteza

Abstract:

Today, smart devices have become an integral part of everyday life. Android is the most popular operating system on these devices, and as a result, various malware samples are produced and distributed for it every day. This makes investigating this malware especially important. Such an investigation includes finding the people involved in developing and distributing the malware, as well as discovering other malware created by them. Discovering other involved entities, such as social media accounts, websites and Android store accounts, and taking steps to prevent malware from being distributed through them, is another aspect of the problem. In order to deal with organized activity, it is important to identify all the entities related to the set of actors involved. A malware distribution campaign is usually created by the malware's developers; in these campaigns, different versions of an Android malware are created and distributed. Therefore, identifying the relationships between different malware samples and classifying them properly based on those relationships can have various applications in malware detection and identification. The main achievement of this research is the construction of a semi-automated system that collects and processes information in the form of an ontology to help malware analysts detect malware. The main approach of this research is to use different information sources related to Android applications to build an ontology and infer information that identifies certain crimes, such as the creation of malware production and distribution campaigns. In the designed ontology, various related entities, such as individuals, companies, websites, social media accounts and Android store accounts, their relationships, and the identities associated with each of them, have been considered. Using the rules designed in the ontology, it is possible to identify the relationship of different entities to a malware sample.

This makes it possible, once a malware sample has been identified, to identify the entities and individuals involved in its production and distribution. In this research, a system based on the ontology was developed to evaluate the work. This system was used to evaluate the ontology in three different ways. In the first method, the system's ability to detect a malware campaign that had previously been identified by experts was measured. In the second method, the system's ability to identify the entities and individuals involved in that campaign was evaluated, and in the third method, the system's ability to detect malware related to several known malware samples among a set of benign and malicious applications was evaluated. The evaluation results show that, although the system can detect some factors automatically, it still needs an expert user in order to be used to its full potential.

Keywords: Malwares ; Android Operating System ; Ontology ; Forensics ; Knowledge-Based System (KBS)