Database of Malware: Collection, Analysis and Evaluation

Master's === National Taipei University (國立臺北大學) === Graduate Institute of Information Management (資訊管理研究所) === 101 === This research aims to build a platform for malware collection, analysis and evaluation. In the past, to test the performance of anti-virus software, we had to build a “sample bank”, a set of malware used to test the anti-virus software in order to ensure...


Bibliographic Details
Main Authors: CHU YEN HSI, 朱彥曦
Other Authors: Tseng Chun Yuan
Format: Others
Language: en_US
Published: 2013
Online Access: http://ndltd.ncl.edu.tw/handle/58712803192871542798
id ndltd-TW-101NTPU0396005
record_format oai_dc
spelling ndltd-TW-101NTPU0396005 2015-10-13T22:12:37Z http://ndltd.ncl.edu.tw/handle/58712803192871542798 Database of Malware: Collection, Analysis and Evaluation 惡意軟體資料庫:收集、分析與評鑑 CHU YEN HSI 朱彥曦 Master's National Taipei University (國立臺北大學) Graduate Institute of Information Management (資訊管理研究所) 101 Tseng Chun Yuan 曾俊元 2013 thesis 37 en_US
collection NDLTD
language en_US
format Others
sources NDLTD
description Master's === National Taipei University (國立臺北大學) === Graduate Institute of Information Management (資訊管理研究所) === 101 === This research aims to build a platform for malware collection, analysis and evaluation. In the past, to test the performance of anti-virus software, we had to build a “sample bank”, a set of malware used to test the anti-virus software in order to ensure that it is capable of detection. How to select suitable malware for the sample bank has therefore become a major issue. To deal with this, we have established a platform for proactive malware collection, analysis and evaluation. Through large-scale collection we can acquire a variety of suspicious files and upload them to VirusTotal for detection. The detection results are taken as the basis for evaluating the files. We have also built a new malware evaluation mechanism, based on the detection results, to classify the malware. The collected suspicious files are evaluated, and the results show that the new evaluation mechanism outputs a set of highly malicious and changed suspicious files which might be suitable for examining anti-virus software. Because it operates automatically, the platform can obtain samples and have them evaluated rapidly, supporting further malware classification based on the evaluation results in order to build a high-quality malware question bank.