Global ETD Search

21	A cloud-based intelligent and energy efficient malware detection framework : a framework for cloud-based, energy efficient, and reliable malware detection in real-time based on training SVM, decision tree, and boosting using specified heuristics anomalies of portable executable files Mirza, Qublai K. A. January 2017 (has links) The continuity in the financial and other related losses due to cyber-attacks prove the substantial growth of malware and their lethal proliferation techniques. Every successful malware attack highlights the weaknesses in the defence mechanisms responsible for securing the targeted computer or a network. The recent cyber-attacks reveal the presence of sophistication and intelligence in malware behaviour having the ability to conceal their code and operate within the system autonomously. The conventional detection mechanisms not only possess the scarcity in malware detection capabilities, they consume a large amount of resources while scanning for malicious entities in the system. Many recent reports have highlighted this issue along with the challenges faced by the alternate solutions and studies conducted in the same area. There is an unprecedented need of a resilient and autonomous solution that takes proactive approach against modern malware with stealth behaviour. This thesis proposes a multi-aspect solution comprising of an intelligent malware detection framework and an energy efficient hosting model. The malware detection framework is a combination of conventional and novel malware detection techniques. The proposed framework incorporates comprehensive feature heuristics of files generated by a bespoke static feature extraction tool. These comprehensive heuristics are used to train the machine learning algorithms; Support Vector Machine, Decision Tree, and Boosting to differentiate between clean and malicious files. Both these techniques; feature heuristics and machine learning are combined to form a two-factor detection mechanism. This thesis also presents a cloud-based energy efficient and scalable hosting model, which combines multiple infrastructure components of Amazon Web Services to host the malware detection framework. This hosting model presents a client-server architecture, where client is a lightweight service running on the host machine and server is based on the cloud. The proposed framework and the hosting model were evaluated individually and combined by specifically designed experiments using separate repositories of clean and malicious files. The experiments were designed to evaluate the malware detection capabilities and energy efficiency while operating within a system. The proposed malware detection framework and the hosting model showed significant improvement in malware detection while consuming quite low CPU resources during the operation.
22	Property driven verification framework : application to real time property for UML MARTE software design / Les outils de vérification dédiés à partir des familles de propriétés : une application aux propriétés temps réel pour les modèles UML-MARTE Ge, Ning 13 May 2014 (has links) Les techniques formelles de la famille « vérification de modèles » (« model checking ») se heurtent au problème de l’explosion combinatoire. Ceci limite les perspectives d’exploitation dans des projets industriels. Ce problème est provoqué par la combinatoire dans la construction de l’espace des états possibles durant l’exécution des systèmes modélisés. Le nombre d’états pour des modèles de systèmes industriels réalistes dépasse régulièrement les capacités des ressources disponibles en calcul et stockage. Cette thèse défend l’idée qu’il est possible de réduire cette combinatoire en spécialisant les outils pour des familles de propriétés. Elle propose puis valide expérimentalement un ensemble de méthodes pour le développement de ce type d’outils en suivant une approche guidée par les propriétés appliquée au contexte temps réel. Il s’agit donc de construire des outils d’analyse performants pour des propriétés temps réel qui soient exploitables pour des modèles industriels de taille réaliste. Les langages considérés sont, d’une part UML étendu par le profil MARTE pour la modélisation par les utilisateurs, et d’autre part les réseaux de Petri temporisés comme support pour la vérification. Les propositions sont validées sur un cas d’étude industriel réaliste issu du monde avionique : l’étude de la latence et la fraicheur des données dans un système de gestion des alarmes exploitant les technologies d’Avionique Modulaire Intégrée. Ces propositions ont été mise en oeuvre comme une boite à outils qui intègre les cinq contributions suivantes: la définition de la sémantique d’exécution spécifiques aux propriétés temps réel pour les modèles d’architecture et de comportement spécifiés en UML/MARTE; la spécification des exigences temps réel en s’appuyant sur un ensemble de patrons de vérification atomiques dédiés aux propriété temps réel; une méthode itérative d’analyse à base d’observateurs pour des réseaux de Petri temporisés; des techniques de réduction de l’espace d’états spécifiques aux propriétés temps réel pour des Réseaux de Petri temporisés; une approche pour l’analyse des erreurs détectées par « vérification des modèles » en s’appuyant sur des idées inspirées de la « fouille de données » (« data mining »). / Automatic formal verification such as model checking faces the combinatorial explosion issue. This limits its application in indus- trial projects. This issue is caused by the explosion of the number of states during system’s execution , as it may easily exceed the amount of available computing or storage resources. This thesis designs and experiments a set of methods for the development of scalable verification based on the property-driven approach. We propose efficient approaches based on model checking to verify real-time requirements expressed in large scale UML-MARTE real-time system designs. We rely on the UML and its profile MARTE as the end-user modeling language, and on the Time Petri Net (TPN) as the verification language. The main contribution of this thesis is the design and implementation of a property-driven verification prototype toolset dedicated to real-time properties verification for UML-MARTE real-time software designs. We validate this toolset using an avionic use case and its user requirements. The whole prototype toolset includes five contributions: definition of real-time property specific execution semantics for UML-MARTE architecture and behavior models; specification of real- time requirements relying on a set of verification dedicated atomic real- time property patterns; real-time property specific observer-based model checking approach in TPN; real-time property specific state space reduction approach for TPN; and fault localization approach in model checking. Système temps réel critique Spécification Vérification Propriété temps réel Model checking Sémantique exécutable Real-time critical system Specification Verification Real-time property Model checking Executable semantics
23	A tradução juramentada de contratos de compra e venda de títulos executivos na direção inglês→português: semelhança e diferenças no uso de termos simples, expressões fixas e semifixas Rocha, Celso Fernando [UNESP] 28 June 2010 (has links) (PDF) Made available in DSpace on 2014-06-11T19:32:45Z (GMT). No. of bitstreams: 0 Previous issue date: 2010-06-28Bitstream added on 2014-06-13T20:43:54Z : No. of bitstreams: 1 rocha_cf_dr_sjrp_parcial.pdf: 126921 bytes, checksum: 7b40814cfbe459132ef100f7a0ade424 (MD5) Bitstreams deleted on 2015-05-28T14:25:14Z: rocha_cf_dr_sjrp_parcial.pdf,. Added 1 bitstream(s) on 2015-05-28T14:26:16Z : No. of bitstreams: 1 000623109_20150628.pdf: 114405 bytes, checksum: 414e8d916339ca8447ccb953e06fb971 (MD5) Bitstreams deleted on 2015-06-30T11:22:13Z: 000623109_20150628.pdf,. Added 1 bitstream(s) on 2015-06-30T11:23:07Z : No. of bitstreams: 1 000623109.pdf: 1171845 bytes, checksum: e3d39a95bd45dbc5ac70bd6f8d37ad91 (MD5) / A presente tese analisa características da tradução juramentada na direção inglês português, no que concerne a semelhanças e diferenças no uso de termos simples, expressões fixas e semifixas mais frequentes encontrados em contratos de compra e venda e títulos executivos. A pesquisa tem como fundamentação teórica os Estudos da Tradução Baseados em Corpus, a Linguística de Corpus e ainda recorre, em parte, ao arcabouço teórico-metodológico da Terminologia. Os corpora de estudo de textos traduzidos no modo juramentado para o português contêm: 34 contratos de compra e venda e 165 títulos executivos (24 conhecimentos de embarque, 103 faturas comerciais e 38 notas promissórias). Os contratos foram traduzidos por dois tradutores juramentados e os títulos executivos, por três tradutores. Para cada subtipo de documento dos corpora de estudo, compilamos dois corpora comparáveis de textos originalmente escritos em português e inglês. A pesquisa conta com o auxílio do programa de computador WordSmith Tools versão 4.0 para o levantamento dos dados, tendo sido utilizadas as ferramentas WordList, KeyWord e Concord. A partir dos dados gerados, criamos quatro glossários de termos simples e de expressões fixas e semifixas mais frequentes, presentes nos corpora de estudo. Desse modo, foram selecionados 90 termos simples e 70 expressões fixas ou semifixas dos contratos de compra e venda. Para criação dos glossários referentes a títulos executivos, escolhemos 137 ternos simples e 95 expressões fixas e semifixas. Os termos simples levantados constam dos dicionários do corpus de apoio; no entanto, não se encontra registrada, na maioria das obras, qualquer referência quanto ao uso. Por sua vez, a maior parte das expressões fixas e semifixas não se encontra dicionarizada. Com a utilização dos corpora comparáveis em inglês, foi possível localizar... / The present dissertation studies features of sworn translation in the English Portuguese direction. Differences and similarities observed in the use of the most frequent simple terms, fixed and semi-fixed expressions present in sales contracts and executable instruments (negotiable or enforceable instruments) were analyzed. This study has its theoretical basis on Corpus-Based Translation Studies, on Corpus Linguistics and applies some theoretical concepts from Terminology. The corpora of study comprise 34 sales contracts and 165 enforceable instruments (24 bills of lading, 103 commercial invoices and 38 promissory notes). The contracts had been translated by two sworn translators and the executable instruments by three sworn translators. For each subtype of document mentioned, two comparable corpora comprised of texts originally written in Portuguese and in English were constructed. Three tools of the software WordSmith Tool 4.0 were employed in order to extract data: WordList, KeyWord and Concord. We drew up four glossaries of simple terms, fixed or semi-fixed expressions based on the data generated by the software. 90 simple terms and 70 fixed or semi-fixed expressions were then selected from the contracts. In order to create the glossary of executable instruments, we chose 137 simple terms and 95 fixed or semi-fixed expressions. Although the simple terms are present in the dictionaries of our support corpus, there is no information concerning their use. Regarding fixed or semi-fixed expressions, most of them were not found in these dictionaries. The English comparable corpora showed approximately 70% of fixed or semi-fixed expressions. In relation to the analysis, we noticed a tendency to employ literal translations, which reveals a preference for language closer to the style of sales contracts and executable instruments originally written in English... (Complete abstract click electronic access below) Tradução e interpretação Linguistica aplicada - Terminologia Linguísitca de ccorpus Tradução juramentada Contratos de compra e venda - Tradução Sworn translation Corpus-based translation studies Corpus linguistics Sales contracts Executable instruments
24	A tradução juramentada de contratos de compra e venda de títulos executivos na direção inglês→português : semelhança e diferenças no uso de termos simples, expressões fixas e semifixas / Rocha, Celso Fernando. January 2010 (has links) Orientador: Diva Cardoso de Camargo / Banca: Francis Henrik Aubert / Banca: Waldenor Barros Moraes Filho / Banca: Claudia Maria Ceneviva Nigro / Banca: Eli Nazareth Bechara / Resumo: A presente tese analisa características da tradução juramentada na direção inglês português, no que concerne a semelhanças e diferenças no uso de termos simples, expressões fixas e semifixas mais frequentes encontrados em contratos de compra e venda e títulos executivos. A pesquisa tem como fundamentação teórica os Estudos da Tradução Baseados em Corpus, a Linguística de Corpus e ainda recorre, em parte, ao arcabouço teórico-metodológico da Terminologia. Os corpora de estudo de textos traduzidos no modo juramentado para o português contêm: 34 contratos de compra e venda e 165 títulos executivos (24 conhecimentos de embarque, 103 faturas comerciais e 38 notas promissórias). Os contratos foram traduzidos por dois tradutores juramentados e os títulos executivos, por três tradutores. Para cada subtipo de documento dos corpora de estudo, compilamos dois corpora comparáveis de textos originalmente escritos em português e inglês. A pesquisa conta com o auxílio do programa de computador WordSmith Tools versão 4.0 para o levantamento dos dados, tendo sido utilizadas as ferramentas WordList, KeyWord e Concord. A partir dos dados gerados, criamos quatro glossários de termos simples e de expressões fixas e semifixas mais frequentes, presentes nos corpora de estudo. Desse modo, foram selecionados 90 termos simples e 70 expressões fixas ou semifixas dos contratos de compra e venda. Para criação dos glossários referentes a títulos executivos, escolhemos 137 ternos simples e 95 expressões fixas e semifixas. Os termos simples levantados constam dos dicionários do corpus de apoio; no entanto, não se encontra registrada, na maioria das obras, qualquer referência quanto ao uso. Por sua vez, a maior parte das expressões fixas e semifixas não se encontra dicionarizada. Com a utilização dos corpora comparáveis em inglês, foi possível localizar... (Resumo completo, clicar acesso eletrônico abaixo) / Abstract: The present dissertation studies features of sworn translation in the English Portuguese direction. Differences and similarities observed in the use of the most frequent simple terms, fixed and semi-fixed expressions present in sales contracts and executable instruments (negotiable or enforceable instruments) were analyzed. This study has its theoretical basis on Corpus-Based Translation Studies, on Corpus Linguistics and applies some theoretical concepts from Terminology. The corpora of study comprise 34 sales contracts and 165 enforceable instruments (24 bills of lading, 103 commercial invoices and 38 promissory notes). The contracts had been translated by two sworn translators and the executable instruments by three sworn translators. For each subtype of document mentioned, two comparable corpora comprised of texts originally written in Portuguese and in English were constructed. Three tools of the software WordSmith Tool 4.0 were employed in order to extract data: WordList, KeyWord and Concord. We drew up four glossaries of simple terms, fixed or semi-fixed expressions based on the data generated by the software. 90 simple terms and 70 fixed or semi-fixed expressions were then selected from the contracts. In order to create the glossary of executable instruments, we chose 137 simple terms and 95 fixed or semi-fixed expressions. Although the simple terms are present in the dictionaries of our support corpus, there is no information concerning their use. Regarding fixed or semi-fixed expressions, most of them were not found in these dictionaries. The English comparable corpora showed approximately 70% of fixed or semi-fixed expressions. In relation to the analysis, we noticed a tendency to employ literal translations, which reveals a preference for language closer to the style of sales contracts and executable instruments originally written in English... (Complete abstract click electronic access below) / Doutor Tradução e interpretação. Linguistica aplicada - Terminologia. Sworn Translation. eng Corpus-based Translation Studies. eng Corpus Linguistics. eng Sales contracts. eng Executable instruments. eng
25	Open Code Translation from Executable and Translatable UML Models - Implicit Bridging Löfqvist, Mikael January 2007 (has links) Executable and Translatable UML (xtUML) is the next abstraction level in software development, where both programming language and software architecture have been abstracted away. xtUML is a well defined UML profile, extended with precise action semantics. This allows the developers to define a problem area, domain, in such a detail that it can be executed. By defining the system with xtUML-models, domains, the system functionality can be verified early in the development process. Translation to code can be done in different ways and this work will be performed in an environment where code is automatically generated with a model compiler. The goal with a domain is that it should be independent of other domains, reused without modification and exchanged with another domain solving the same problem. However a domain can make assumptions that certain functionality is available and these assumptions are requirements for another domain. To fulfil these goals there must be a minimal coupling between the domains. This can be solved with the technique Implicit Bridging, where the bridge dependency between domains is defined in a bridge. The dependency is in the form of mappings/coupling between elements in both domains. By defining a bridge interface for a server domain a client domain can use the resources offered by the server domain. The work performed shows how an implementation of Implicit Bridging could be realized by applying the technique in a microwave oven system. From the system design five different mapping types have been implemented. The applicability and the quality of the implementation have been verified by testing the generated system functionality and also verifying the goals, exchangeability and reuse of domains, of the system. Executable and Translatable UML xtUML Implicit/Explicit Bridging Model Compilers Domains Model Driven Development Code Translation Ada 95. Computer Sciences Datavetenskap (datalogi)
26	Optimizing the LLVM ELF linker for a distributed compilation environment : Concurrent Linking with LLVM LLD / Optimering av LLVMs ELF-länkare vid användning av distribuerad kompilering Wilkens, Alexander January 2020 (has links) Modern build systems that build large software projects often utilize a distributed compiler, allowing the compilation of object files to be parallelized over multiple machines. These build systems are often not able to fully utilize all the resources available on all machines. As linking is not part of this distributed process, the unused resources could be used to perform linking instead, reducing the total build time. However, linking is often performed at the end of the build process, thus not being able to access the previously unused resources. In this thesis project, a linker that runs concurrently with the compilation process of the build system is designed, implemented, and evaluated . As the compilation process produces an object file, the linker performs a partial link using this file. The link is finalized at the end of the build, not unlike a traditional linker. The results show that the total build time is reduced when using the new linker in a build system utilizing a distributed compiler. In some cases, the time spent linking at the end of the build system is reduced over 50 percent when compared to the reference linker. linking c++ build system compiling distributed compilation concurrent linker concurrent linking llvm lld elf executable and linkable format Computer Sciences Datavetenskap (datalogi)
27	Extraction de code fonctionnel certifié à partir de spécifications inductives / Extraction of Certified Functional Code from Inductive Specifications Tollitte, Pierre-Nicolas 06 December 2013 (has links) Les outils d’aide à la preuve basés sur la théorie des types permettent à l’utilisateur d’adopter soit un style fonctionnel, soit un style relationnel (c’est-à-dire en utilisant des types inductifs). Chacun des deux styles a des avantages et des inconvénients. Le style relationnel peut être préféré parce qu’il permet à l’utilisateur de décrire seulement ce qui est vrai, de s’abstraire temporairement de la question de la terminaison, et de s’en tenir à une description utilisant des règles. Cependant, une spécification relationnelle n’est pas exécutable.Nous proposons un cadre général pour transformer une spécification inductive en une spécification fonctionnelle, en extrayant à partir de la première une fonction et en produisant éventuellement la preuve de correction de la fonction extraite par rapport à sa spécification inductive. De plus, à partir de modes définis par l’utilisateur, qui permettent de considérer les arguments de la relation comme des entrées ou des sorties (de fonction), nous pouvons extraire plusieurs comportements calculatoires à partir d’un seul type inductif.Nous fournissons également deux implantations de notre approche, l’une dans l’outil d’aide à la preuve Coq et l’autre dans l’environnement Focalize. Les deux sont actuellement distribuées avec leurs outils respectifs. / Proof assistants based on type theory allow the user to adopt either a functional style, or a relational style (e.g., by using inductive types). Both styles have advantages and drawbacks. Relational style may be preferred because it allows the user to describe only what is true, discard momentarily the termination question, and stick to a rule-based description. However, a relational specification is usually not executable.We propose a general framework to turn an inductive specification into a functional one, by extracting a function from the former and eventually produce the proof of soundness of the extracted function w.r.t. its inductive specification. In addition, using user-defined modes which label inputs and outputs, we are able to extract several computational contents from a single inductive type.We also provide two implementations of our approach, one in the Coq proof assistant and the other in the Focalize environnement. Both are currently distributed with the respective tools. Spécifications exécutables Relations inductives Génération de code fonctionnel Génération de preuves Coq Focalize Executable specifications Inductive relations Functional code generation Proof generation Coq Focalize 004
28	Dimensioning of Charging Infrastructure Using Model-Based Systems Engineering / Dimensionering av laddinfrastruktur genom modellbaserad systemteknik Jansson, Daniel, Niklasson, Nils January 2022 (has links) This thesis work is performed in collaboration with Syntell AB and a client company interested in assistance with charging infrastructure dimensioning. The aim of this thesis is to develop an executable, generalizable model that can aid decision making regarding charging infrastructure. Furthermore, this is done within a Model-Based Systems Engineering (MBSE) context, which enables representation of the system as a model. As the data and model concerning the client company is classified, it is not presented in this report. Instead, to further enhance the aim of developing a generalizable model, a test case is produced for this project work. This case consists of passenger electric vehicles and chargers in a metropolitan setting, where data is gathered from public sources. The results show that the model is executable and flexible to fit any type of electric vehicle and different specifications of chargers. Using an MBSE approach enables the project owner to customize the model development for the specific use case. Additionally, defining a system in focus establishes what the system uptime is, enabling calculations of availability. The results for this specific use case are interpreted to show how the model can be used to aid the dimensioning of charging infrastructure using the model output. To further verify the model representation of the system, the model can be run in live-mode, where vehicles and chargers can be added while the model is running to instantly examine the system dynamics. Concluding, the method for utilizing the model to evaluate systems availability is described. The model output, as well as the thorough description of the model, can be used to increase the knowledge within MBSE for executable modeling. / Detta projekt utförs i samarbete med Syntell AB och en tredje part som är intresserad av att förbättra sitt beslutsunderlag gällande dimensionering av laddinfrastruktur. Målet med arbetet är att utveckla en exekverbar och generaliserbar modell som kan användas för att underlätta dimensionering av laddinfrastruktur. Vidare så genomförs arbetet inom ramen för MBSE, vilket möjliggör en representation av systemet med hjälp av en modell. Eftersom kunddatan är konfidentiell appliceras modellen på ett fabricerat användningsfall som underlag för denna rapport. Detta baserar sig på elektriska personbilar i stadsmiljö, där data hämtas från publika källor. Att modellen används på två olika användningsfall stärker argumenten kring generaliserbarhet. Resultatet som presenteras är främst i syfte att demonstrera tolkning av resultat samt att grundligt förklara modellen. Resultaten visar att modellen är exekverbar och flexibel för att kunna anpassas utifrån godtyckligt elektriskt fordon och olika specifikationer för laddstationer. Genom att definiera ett system i fokus kan systemets drifttid utgöra grund för att kunna beräkna tillgänglighet. Resultaten tolkas i det specifika användningsfallet för att illustrera hur modellen kan användas för att underlätta en beslutsprocess gällande dimensionering av laddinfrastruktur. För att ytterligare verifiera modellens representation av verkligheten används ett interaktivt live-mode, där fordon och laddare kan läggas till under körning för att direkt undersöka systemdynamiken. Detta är ett viktigt verktyg vid kommunikation med intressenter för att stärka förtroendet för simuleringsresultat. Sammanfattningsvis beskrivs metoden för att använda modellen till att undersöka systemtillgänglighet. Modellens utdata, tillsammans med beskrivningen av modellen, kan användas för att utöka kunskapen inom MBSE för exekverbar modellering. Charging infrastructure Executable SysML MBSE Model-Based Systems Engineering Simulation SysML Systems availability Laddinfrastruktur Exekverbar SysML MBSE Modellbaserad Systemteknik Simulering SysML Systemtillgänglighet Other Mathematics Annan matematik
29	Bridging of complex data structures between xtUML domains / Bryggning av komplexa datastrukturer mellan xtUML-domäner Elgh, Jesper January 2022 (has links) Executable and Translatable UML (xtUML) is a high level software development method where models are developed using UML diagrams and action language code. Model compilers can translate a model into another programming language which is then executable. When developing xtUML models one of the main benefits is that the documentation of the program is created at the same time as the program in the shape of UML diagrams. It is therefore also important that it is possible to create good UML diagrams that gives the reader a good and clear understanding of how the program works without having to look at the code. One problem is the use of arrays and structured data types in the models because they can make a model more difficult to understand and therefore it would be good to be able to refrain from using them and instead model arrays and structured data types as classes with relations between them. This becomes an issue when an array should be sent to another domain in the system because a lot of action language code must be written which is inconvenient. A solution to this problem would be to send class object instances directly to other domains. In this thesis a solution to the problem has been proposed along with alternate options of solving it. The proposed solution has also been implemented in an existing model compiler and the results show that the performance in compilation time is slower compared to when using the built-in arrays and structured data types, but faster or the same compared to letting the user write its own code for sending object instances. The execution time for a small model using the new solution has increased by a lot compared to using arrays and structured data types, and the size of the executable file has almost doubled but if bigger models are created this difference may become negligible. xtUML Executable and translatable UML bridging data structure UML Unified Modeling Language Compilation model compiler bridgepoint OAL object action language Computer and Information Sciences Data- och informationsvetenskap
30	A Cloud-Based Intelligent and Energy Efficient Malware Detection Framework. A Framework for Cloud-Based, Energy Efficient, and Reliable Malware Detection in Real-Time Based on Training SVM, Decision Tree, and Boosting using Specified Heuristics Anomalies of Portable Executable Files Mirza, Qublai K.A. January 2017 (has links) The continuity in the financial and other related losses due to cyber-attacks prove the substantial growth of malware and their lethal proliferation techniques. Every successful malware attack highlights the weaknesses in the defence mechanisms responsible for securing the targeted computer or a network. The recent cyber-attacks reveal the presence of sophistication and intelligence in malware behaviour having the ability to conceal their code and operate within the system autonomously. The conventional detection mechanisms not only possess the scarcity in malware detection capabilities, they consume a large amount of resources while scanning for malicious entities in the system. Many recent reports have highlighted this issue along with the challenges faced by the alternate solutions and studies conducted in the same area. There is an unprecedented need of a resilient and autonomous solution that takes proactive approach against modern malware with stealth behaviour. This thesis proposes a multi-aspect solution comprising of an intelligent malware detection framework and an energy efficient hosting model. The malware detection framework is a combination of conventional and novel malware detection techniques. The proposed framework incorporates comprehensive feature heuristics of files generated by a bespoke static feature extraction tool. These comprehensive heuristics are used to train the machine learning algorithms; Support Vector Machine, Decision Tree, and Boosting to differentiate between clean and malicious files. Both these techniques; feature heuristics and machine learning are combined to form a two-factor detection mechanism. This thesis also presents a cloud-based energy efficient and scalable hosting model, which combines multiple infrastructure components of Amazon Web Services to host the malware detection framework. This hosting model presents a client-server architecture, where client is a lightweight service running on the host machine and server is based on the cloud. The proposed framework and the hosting model were evaluated individually and combined by specifically designed experiments using separate repositories of clean and malicious files. The experiments were designed to evaluate the malware detection capabilities and energy efficiency while operating within a system. The proposed malware detection framework and the hosting model showed significant improvement in malware detection while consuming quite low CPU resources during the operation. Malware detection File heuristics Support vector machine (SVM) Decision tree Boosting Cloud computing Energy efficiency Real-time detection Automated static analysis Portable executable (PE)

Search results