UPM Institutional Repository

Enhanced cuckoo malware analysis performance using cloud computing


Citation

Barakat, Osamah Lutf Hamood (2013) Enhanced cuckoo malware analysis performance using cloud computing. Masters thesis, Universiti Putra Malaysia.

Abstract

Modern information technology affects almost every aspect of human existence. Along with numerous positive outcomes, such comprehensive influence of modern technology on everyday life can also create unprecedented opportunities for the dissemination of malicious software within very short time frames. The damage caused by malicious software can have a profound and lasting impact on many people across the globe. A close look at the current approaches of malware analyzers illustrates that response time to community users is inadequately slow at present. It also demonstrates that these analyzers are not scalable to fit the escalating demand for analysis. As a consequence, they will not be able to respond to end-users' enquiries in proper time. to present a new approach to ways of enhancing the malware analyzer performance, in order for the end-users to get feedback faster than present indicators. This approach utilizes the scalability feature of cloud computing to reach appropriate levels of response time. Scalability is emerging as the main advantage of cloud computing, helping applications scale to cope with increasing customer demands. Integrating this technique with modern applications and services will provide faster solutions due to scalability. For the purposes of evaluating this approach, two systems were carefully prepared with the same malware analyzer. One of them utilizes cloud computing, and the other one is left with no changes. Both systems were put under investigation with real malware samples to drive a comparison test between the two approaches. Samples were divided into multiple groups with incremental size to study the two systems' behavior towards different submission loads. Results obtained after processing 3000 samples indicated that the cloud-based malware analyzer is 23% faster than the standalone system.
Although the cloud-enabled system performed worse than the standalone system when few samples were submitted, it started to take the lead with noticeable performance when increasing numbers of analysis requests were submitted. With greater enhancements in cloud computing implementation levels, this percentage could increase dramatically to save time consumed while analyzing malware. Applying this approach in Malaysia will help community members get faster replies regarding suspicious applications with respect to the huge number of IT consumers. This research could be easily extended to the nationwide malware reporting system, which can improve the quality of signatures and anti-viruses.


Additional Metadata

Item Type: Thesis (Masters)
Subject: Cloud computing
Subject: Computer security
Subject: Computer viruses
Call Number: FK 2013 103
Chairman Supervisor: Shaiful Jahari Hashim, PhD
Divisions: Faculty of Engineering
Depositing User: Mas Norain Hashim
Date Deposited: 13 Mar 2020 02:54
Last Modified: 26 Jan 2022 03:56
URI: http://psasir.upm.edu.my/id/eprint/77619