Understanding malware autostart techniques with web data extraction

Show full item record

Redirect: RIT Scholars content from RIT Digital Media Library has moved from http://ritdml.rit.edu/handle/1850/10632 to RIT Scholar Works http://scholarworks.rit.edu/theses/530, please update your feeds & links!
Title: Understanding malware autostart techniques with web data extraction
Author: Gottlieb, Matthew
Abstract: The purpose of this study was to investigate automatic execution methods in Windows operating systems, as used and abused by malware. Using data extracted from the Web, information on over 10,000 malware specimens was collected and analyzed, and trends were discovered and presented. Correlations were found between these records and a list of known autostart locations for various versions of Windows. All programming was written in PHP, which proved very effective. A full breakdown of the popularity of each method per year was constructed. It was found that the popularity of many methods has varied greatly over the last decade, mostly following operating system releases and security improvements, but with some frightening exceptions.
Record URI: http://hdl.handle.net/1850/10632
Date: 2009

Files in this item

Files Size Format View
26706_pdf_23528 ... 11DE-8819-E4FE2F12225A.pdf 5.312Mb PDF View/Open

The following license files are associated with this item:

This item appears in the following Collection(s)

Show full item record

Search RIT DML

Advanced Search