du.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • chicago-author-date
  • chicago-note-bibliography
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Bypassing computer protection solutions for modern operating systems
Dalarna University, School of Technology and Business Studies, Computer Engineering.
2018 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Antivirus Software Companies have seen a lot of development over the last decennary, beginning with the signature-based scanners and then slowly implementing more advanced heuristics techniques. Most of these have shown their ability to scan files stored on the hard drive and also opcodes in memory. As of date, most antivirus detection technologies used are; signature-based detection and heuristic-based detection. Malware signatures work by creating checksum hashes of known suspect files, so the smallest change prevents a match. Sometimes hackers and malicious users try finding ways around signatures and bypass signature-based detections by modifying existing malware with a few harmless strings to throw off signature based detection. I propose a project which aims to study how attackers and malicious codes can identify signatures of malware and modify it without changing its functionality with the aim of avoiding signature-based Antivirus software scanners which do not use heuristics at all. I have used netcat binary files in the reverse engineering process and proved how many antivirus scanner scan be bypassed. I also have used the python tool to create codes. From my experiment, I have proved the futility of the antivirus protection against malware. Through this report, I want to reach out and point out the safety measurements users can take to reduce attacks. I also have ensured that the common users are informed about the antivirus types and how they work. A user must be aware that antivirus software is not a full-proof protection as there are plenty of loopholes the researchers have to point out, but it does not mean the security should be compromised. Through this report, I would also like to highlight the fact that it is the responsibility of the user to follow simple guidelines to ensure protection, and the antivirus developers are responsible for keeping their database up-to-date.

Place, publisher, year, edition, pages
2018.
National Category
Other Engineering and Technologies not elsewhere specified
Identifiers
URN: urn:nbn:se:du-27697OAI: oai:DiVA.org:du-27697DiVA, id: diva2:1207043
Available from: 2018-05-21 Created: 2018-05-18 Last updated: 2018-05-21Bibliographically approved

Open Access in DiVA

No full text in DiVA

By organisation
Computer Engineering
Other Engineering and Technologies not elsewhere specified

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 54 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • chicago-author-date
  • chicago-note-bibliography
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf