Infection Immune System

Abstract

Internet provides a comfortable environment for malwares to spread faster. This poses a great threat on individuals and companies. Becoming not bound to only professionals, malware writing imposes a huge burden on anti-virus labs in malware analysis for signature extraction. Also, the introduction of obfuscation techniques makes the malware signature extraction even harder by using static analysis only. Dynamic analysis on the other hand proves more robust in defeating the different obfuscation techniques where the malware is being analyzed at its runtime. Many researches are also addressing the automation of the analysis for better response to malware introduction in the wild and less error prune. Different researches address the different challenges that are possessed while trying to automate the analysis process. In this thesis, we present a novice automated malware analysis system. The devised system introduces solutions for different challenges in the whole analysis process. We present an advanced interception technique specifically designed for malware monitoring. Added to that a stealth controlled environment for better malware behavior monitoring. And an enhancement to a machine learning engine that automatically detects unknown malwares based on previous knowledge.