dc.description.abstract |
In the current cybersecurity environment the threat of malware is on the rise, which highlights the
need for effective malware analysis solutions. Various malware analysis solutions exist, but they
come with issues such as high prices, specific configuration requirements, compatibility problems
and limited accessibility. To address this situation, our project adopts a Docker-based malware
analysis architecture for analysing Windows malware.
Our project is designed to give the user a friendly, easy-to-use and affordable solution. The project
covers both static and dynamic analysis. The principal features extracted by the static analysis
tools are file hashes, target architecture, file attributes and printable strings. Dynamic analysis
capabilities include monitoring process creation and termination, file activity, registry
manipulation and network traffic, using tools such as Process Monitor.
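The static features listed above are the kind of output the project's pefile/hashlib stage produces. The following is an added example, not the project's own code: it reads the same PE header fields (machine type, optional-header magic, characteristics) directly with the standard library's struct module so that it runs without third-party packages, computes the usual lookup hashes and pulls printable strings. The sample PE bytes are constructed inline for the demonstration and are not a real program or malware sample; the domain in the embedded URL is a reserved example name.

```python
import hashlib
import re
import struct

# Field values from the PE/COFF specification (IMAGE_FILE_HEADER.Machine,
# IMAGE_FILE_HEADER.Characteristics, IMAGE_OPTIONAL_HEADER.Magic).
MACHINE_TYPES = {0x014C: "x86 (I386)", 0x8664: "x64 (AMD64)", 0x01C4: "ARM Thumb-2", 0xAA64: "ARM64"}
CHARACTERISTICS = {0x0002: "EXECUTABLE_IMAGE", 0x0020: "LARGE_ADDRESS_AWARE",
                   0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
OPTIONAL_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}
# Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable, NumberOfSymbols,
# SizeOfOptionalHeader, Characteristics (20 bytes, little-endian)
COFF_HEADER = "<HHIIIHH"


def build_sample_pe() -> bytes:
    """Constructed minimal PE image for this demo (not a real program or sample):
    a DOS header pointing at the PE signature, a COFF header describing an x64
    executable, a zeroed PE32+ optional header and a few printable strings."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)          # e_lfanew: PE header starts at offset 64
    coff = struct.pack(COFF_HEADER,
                       0x8664,                      # Machine = AMD64
                       1,                           # NumberOfSections
                       0x5F000000,                  # TimeDateStamp (arbitrary value)
                       0, 0,                        # no COFF symbol table
                       240,                         # SizeOfOptionalHeader for PE32+
                       0x0022)                      # EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE
    optional = struct.pack("<H", 0x20B) + bytes(238)   # Magic = PE32+, remainder zeroed
    body = (b"\x00" * 16 + b"kernel32.dll\x00CreateRemoteThread\x00"
            b"http://example.invalid/beacon\x00ab\x00")  # constructed strings; "ab" is below the length cut-off
    return bytes(dos) + b"PE\x00\x00" + coff + optional + body


def file_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of the whole file: the usual lookup keys for threat-intel services."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def parse_pe_header(data: bytes) -> dict:
    """Architecture and file attributes from the COFF and optional headers.
    Raises ValueError for anything that is not a (complete enough) PE file."""
    if len(data) < 64 or data[:2] != b"MZ":
        raise ValueError("missing or truncated DOS header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    if len(data) < e_lfanew + 26:
        raise ValueError("truncated PE header")
    machine, nsections, timestamp, _, _, _opt_size, chars = struct.unpack_from(COFF_HEADER, data, e_lfanew + 4)
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)   # optional header follows the 20-byte COFF header
    return {
        "machine": MACHINE_TYPES.get(machine, hex(machine)),
        "format": OPTIONAL_MAGIC.get(magic, hex(magic)),
        "sections": nsections,
        "timestamp": timestamp,
        "characteristics": [name for bit, name in CHARACTERISTICS.items() if chars & bit],
        "is_dll": bool(chars & 0x2000),
    }


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Runs of printable ASCII at least min_len long, like the classic `strings` tool."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(data)]


def static_report(data: bytes) -> dict:
    """Combine hashes, header attributes and strings into one report; a non-PE
    input still gets hashes and strings, with the header error recorded."""
    report = {"size": len(data), "hashes": file_hashes(data), "strings": extract_strings(data)}
    try:
        report["pe"] = parse_pe_header(data)
    except ValueError as exc:
        report["pe"] = {"error": str(exc)}
    return report


if __name__ == "__main__":
    import json
    print(json.dumps(static_report(build_sample_pe()), indent=2))
```

To run it against a real file, read the bytes with `open(path, "rb").read()` and pass them to `static_report`; pefile exposes the same fields as `pe.FILE_HEADER.Machine`, `pe.FILE_HEADER.Characteristics` and `pe.OPTIONAL_HEADER.Magic`, plus section and import tables that this minimal parser does not cover.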
During implementation a function-centric approach is used, in which each function is kept to one
specific purpose. Python libraries such as pefile and hashlib are used for static feature extraction,
whereas Process Monitor is used for dynamic activity monitoring. The reporting mechanism is
comprehensive, so that it gives insight into the malware's behaviour.
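The dynamic-analysis side described above monitors process, file, registry and network activity with Process Monitor. As an added example that is not the project's own code, the script below turns a Process Monitor CSV export into the behaviour summary such a report needs. It assumes the default column set of Procmon's CSV export ("Time of Day", "Process Name", "PID", "Operation", "Path", "Result", "Detail") and the operation names Procmon uses; the rows embedded here are constructed for the demonstration, not a real capture.

```python
import csv
import io
from collections import defaultdict

# Constructed Procmon CSV export (default columns); not a real capture.
# The TCP Connect path follows Procmon's "local -> remote" layout.
SAMPLE_PROCMON_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","4120","Process Create","C:\\Windows\\System32\\cmd.exe","SUCCESS","PID: 4188, Command line: cmd.exe /c whoami"
"10:01:02.3","sample.exe","4120","CreateFile","C:\\Users\\lab\\AppData\\Roaming\\svc.exe","SUCCESS","Desired Access: Generic Write"
"10:01:02.4","sample.exe","4120","WriteFile","C:\\Users\\lab\\AppData\\Roaming\\svc.exe","SUCCESS","Offset: 0, Length: 40,960"
"10:01:02.6","sample.exe","4120","RegSetValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc","SUCCESS","Type: REG_SZ, Data: C:\\Users\\lab\\AppData\\Roaming\\svc.exe"
"10:01:03.0","sample.exe","4120","TCP Connect","lab-vm:49712 -> 203.0.113.10:443","SUCCESS","Length: 0"
"10:01:03.2","sample.exe","4120","ReadFile","C:\\Windows\\System32\\kernel32.dll","SUCCESS","Offset: 0, Length: 4,096"
"10:01:05.0","sample.exe","4120","Process Exit","","SUCCESS","Exit Status: 0"
"""

# Procmon operation names grouped by the four activity classes the report covers.
CATEGORIES = {
    "process": {"Process Create", "Process Exit", "Thread Create", "Load Image"},
    "file": {"CreateFile", "WriteFile", "ReadFile", "SetDispositionInformationFile",
             "SetRenameInformationFile"},
    "registry": {"RegCreateKey", "RegSetValue", "RegDeleteKey", "RegDeleteValue"},
    "network": {"TCP Connect", "TCP Send", "TCP Receive", "UDP Send", "UDP Receive"},
}
# Autostart locations whose modification is a common persistence indicator.
RUN_KEYS = ("\\CurrentVersion\\Run", "\\CurrentVersion\\RunOnce")


def parse_procmon_csv(text: str, process_name: str = None) -> list:
    """Rows of the export as dicts, optionally limited to one process name (case-insensitive)."""
    rows = list(csv.DictReader(io.StringIO(text)))
    if process_name:
        rows = [r for r in rows if r["Process Name"].lower() == process_name.lower()]
    return rows


def categorize(rows: list) -> dict:
    """Bucket rows by activity class; operations not in CATEGORIES are ignored."""
    buckets = defaultdict(list)
    for row in rows:
        for category, ops in CATEGORIES.items():
            if row["Operation"] in ops:
                buckets[category].append(row)
                break
    return buckets


def behaviour_report(rows: list) -> dict:
    """Summarize what the sample did: children spawned, files written, registry
    changes, remote endpoints contacted and any autostart-key persistence."""
    by_cat = categorize(rows)
    return {
        "processes_created": [r["Path"] for r in by_cat["process"] if r["Operation"] == "Process Create"],
        "files_written": sorted({r["Path"] for r in by_cat["file"]
                                 if r["Operation"] == "WriteFile" and r["Result"] == "SUCCESS"}),
        "registry_modified": [r["Path"] for r in by_cat["registry"] if r["Result"] == "SUCCESS"],
        "network_endpoints": sorted({r["Path"].split(" -> ")[-1] for r in by_cat["network"]}),
        "persistence": [r["Path"] for r in by_cat["registry"]
                        if r["Operation"] == "RegSetValue"
                        and any(key.lower() in r["Path"].lower() for key in RUN_KEYS)],
    }


if __name__ == "__main__":
    import json
    sample_rows = parse_procmon_csv(SAMPLE_PROCMON_CSV, "sample.exe")
    print(json.dumps(behaviour_report(sample_rows), indent=2))
```

Filtering by process name is only a first cut: a sample that injects into another process (the CreateRemoteThread pattern) shows its later activity under the victim's name, so in practice the filter should also include any PIDs listed in the sample's "Process Create" details.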
The Docker environment improves portability and ease of installation across different
environments. Docker containers provide a lightweight, isolated environment in which malware samples
can be executed without affecting the host system. Each container operates independently, which
limits the spread of malware beyond the container boundary; because containers share the host
kernel, this isolation is weaker than that of a virtual machine and should be combined with an
unprivileged, network-restricted container configuration. Using Docker's isolation and portability,
security analysts can perform in-depth analysis of Windows-based malware samples in a controlled
and repeatable environment.
The usefulness of the project is underscored by the fact that it can contribute to the democratization
of malware analysis, making the analysis process efficient and accessible to a wide audience, which
is particularly beneficial for students, small organizations and cybersecurity enthusiasts.
In general, this project is a step in the evolution of malware analysis methods through the adoption
of a practical, adaptable and cost-efficient approach tailored to Windows malware, one which supports
cybersecurity practitioners in their continuing fight against threat actors. |
en_US |