Detection and Prevention of Malware Smuggling in Scalable Vector Graphics (SVG)

Since 2015, malicious actors have been using SVG files to obfuscate malware from potential defensive mechanisms and carry out attacks undetected through the use of smuggling techniques [1]. Throughout this thesis, we use the Design Science Research methodology in order to design and develop an artefact able to detect these attacks within a real network infrastructure, while minimising the impact on the user experience. For the designed artefact to answer these challenges, we conduct two scoping reviews: an analysis of seven of these incidents to determine the technique used to perform the smuggling. This is followed by a map of the different security processes available to network administrators and individuals who search for open-source technologies and aim to close the gap left by the lack of these solutions. Moreover, the paper proposes an SVG parser and a Random Forest classifier to extract valuable features needed to find the malicious payloads hidden in the graphics. The performance of the artefact is analysed to determine its suitability for real-world usage and whether an adequate success rate is reached. The paper finally concludes that the task of obfuscated malware detection is a multi-faceted problem and the artefact, while successful, is a suitable blueprint for exploring future improvements in the field.

Identifier: oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:lnu-130274
Date: January 2024
Creators: Ufnal, Marek; Longuevergne, Thomas
Publisher: Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM)
Source Sets: DiVA Archive at Upsalla University
Language: English
Detected Language: English
Type: Student thesis, info:eu-repo/semantics/bachelorThesis, text
Format: application/pdf
Rights: info:eu-repo/semantics/openAccess
