Show simple item record

dc.contributor.authorAl Amro, Sulaiman
dc.date.accessioned2013-12-02T09:48:26Z
dc.date.available2013-12-02T09:48:26Z
dc.date.issued2013
dc.identifier.urihttp://hdl.handle.net/2086/9488
dc.description.abstractEvery day, the growing number of viruses causes major damage to computer systems, which many antivirus products have been developed to protect. Regrettably, existing antivirus products do not provide a full solution to the problems associated with viruses. One of the main reasons for this is that these products typically use signature-based detection, so that the rapid growth in the number of viruses means that many signatures have to be added to their signature databases each day. These signatures then have to be stored in the computer system, where they consume increasing memory space. Moreover, the large database will also affect the speed of searching for signatures, and, hence, affect the performance of the system. As the number of viruses continues to grow, ever more space will be needed in the future. There is thus an urgent need for a novel and robust detection technique. One of the most encouraging recent developments in virus research is the use of formulae, which provides alternatives to classic virus detection methods. The proposed research uses temporal logic and behaviour-based detection to detect viruses. Interval Temporal Logic (ITL) will be used to generate virus specifications, properties and formulae based on the analysis of the behaviour of computer viruses, in order to detect them. Tempura, which is the executable subset of ITL, will be used to check whether a good or bad behaviour occurs with the help of ITL description and system traces. The process will also use AnaTempura, an integrated workbench tool for ITL that supports our system specifications. AnaTempura will offer validation and verification of the ITL specifications and provide runtime testing of these specifications.en
dc.language.isoenen
dc.publisherDe Montfort Universityen
dc.subjectcomputer virusesen
dc.subjectvirus behaviouren
dc.subjectAPI callsen
dc.subjectInterval Temporal logicen
dc.titleBehaviour-based Virus Analysis and Detectionen
dc.typeThesis or dissertationen
dc.publisher.departmentFaculty of Technologyen
dc.publisher.departmentSoftware Technology Research Laboratoryen
dc.type.qualificationlevelDoctoralen
dc.type.qualificationnamePhDen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record