AuthorSTEPHENS, JON BARTON
AdvisorDebray, Saumya K.
MetadataShow full item record
PublisherThe University of Arizona.
RightsCopyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
AbstractMalware authors have developed many techniques that allow a malicious program to change its behavior, many of which require information from the computing environment. To fully understand how malware will affect a system, all behaviors it can exhibit need to be examined, so tools are needed that can expose when malware uses information from its environment to change its behavior. This project created such a tool called the environmental monitoring detector that will run a malicious program and search for cases of environmental monitoring while the malware is running. The tool is able to detect when a program uses environmental information to conditionally change its execution path; however, it has been found to be ineffective against obfuscated programs due to the lack of instruction specific taint propagation policies.
Degree ProgramHonors College