Please use this identifier to cite or link to this item:
https://www.um.edu.mt/library/oar/handle/123456789/95150
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.date.accessioned | 2022-05-06T07:07:30Z | - |
dc.date.available | 2022-05-06T07:07:30Z | - |
dc.date.issued | 2013 | - |
dc.identifier.citation | Sultana, S. (2013). Detecting malicious computer use (Bachelor's dissertation). | en_GB |
dc.identifier.uri | https://www.um.edu.mt/library/oar/handle/123456789/95150 | - |
dc.description | B.SC.(HONS)COMPUTER ENG. | en_GB |
dc.description.abstract | In today's world, many personal devices are continuously connected to the Internet. This carries risks with it, because malware (malicious software) can infect these devices with varying degrees of effects, from rendering the device useless to stealing personal data. It is desirable to have a generic system which can detect all types of malicious activity on personal devices. This project aims at researching and adapting Intrusion Detection Systems (IDSs) for personal devices. Two types of IDSs exist: signature-based and anomaly-based. Anomaly-based IDSs detect abnormal behaviour and assume it is malicious, while signature-based IDSs have a set of rules which model how known malware behaves. Since the final system needs to detect any kind of malware, anomaly-based systems are researched. The system also needs to work on different kinds of devices. One thing these devices have in common is that they are connected to the Internet, which means that network packets will be transferred to and from the devices. These packets can be analysed to detect any anomalies. The system that is adapted is called NET AD, created by Mahoney and Chan. NET AD assigns a score to every packet which indicates how anomalous it is compared to other packets. This work improves upon NET AD by considering TCP streams, which consist of a number of packets. If a majority of the packets in a stream is scored as anomalous, the stream is considered malicious. Using the TCP streams gives positive results. 70% of the malicious streams can be detected with the negative effect that 10% of the non-malicious streams also raise an alarm. Nevertheless, more tests need to be conducted in a live environment, or under conditions similar to a live environment to truly assess how well the new system performs. | en_GB |
dc.language.iso | en | en_GB |
dc.rights | info:eu-repo/semantics/restrictedAccess | en_GB |
dc.subject | Intrusion detection systems (Computer security) | en_GB |
dc.subject | Malware (Computer software) | en_GB |
dc.subject | TCP/IP (Computer network protocol) | en_GB |
dc.title | Detecting malicious computer use | en_GB |
dc.type | bachelorThesis | en_GB |
dc.rights.holder | The copyright of this work belongs to the author(s)/publisher. The rights of this work are as defined by the appropriate Copyright Legislation or as modified by any successive legislation. Users may access this work and can make use of the information contained in accordance with the Copyright Legislation provided that the author must be properly acknowledged. Further distribution or reproduction in any format is prohibited without the prior permission of the copyright holder. | en_GB |
dc.publisher.institution | University of Malta | en_GB |
dc.publisher.department | Faculty of Information and Communication Technology. Department of Communications and Computer Engineering | en_GB |
dc.description.reviewed | N/A | en_GB |
dc.contributor.creator | Sultana, Steven (2013) | - |
Appears in Collections: | Dissertations - FacICT - 2013; Dissertations - FacICTCCE - 1999-2013 |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
BSC(HONS)ICT_Sultana, Steven_2013.PDF Restricted Access | | 8.65 MB | Adobe PDF | |
Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.