
Detection and Prevention of Malware Smuggling in Scalable Vector Graphics (SVG)

Ufnal, Marek, Longuevergne, Thomas January 2024
Since 2015, malicious actors have been using SVG files to obfuscate malware from potential defensive mechanisms and carry out attacks undetected through the use of smuggling techniques [1]. Throughout this thesis, we use the Design Science Research methodology in order to design and develop an artefact able to detect these attacks within a real network infrastructure, while minimising the impact on the user experience. For the designed artefact to answer these challenges, we conduct two scoping reviews: an analysis of seven of these incidents to determine the technique used to perform the smuggling. This is followed by a map of the different security processes available to network administrators and individuals who search for open-source technologies and aim to close the gap left by lack of these solutions.

Moreover, the paper proposes an SVG parser and a Random Forest classifier to extract valuable features needed to find the malicious payloads hidden in the graphics. The performance of the artefact is analysed to determine its suitability for real-world usage and if an adequate success rate is reached. The paper finally concludes that the task of obfuscated malware detection is a multi-faceted problem and the artefact, while successful, is a suitable blueprint for exploring future improvements in the field.
