Abstract
The use of malware as a tool for cybercrime has become increasingly prevalent in recent years, resulting in significant economic losses and security threats. Conventionally, malware is written in C/C++. However, a recent trend has been observed where other languages are being used to write malware. One such language is the Rust programming language. This thesis aims to explore the aspects of the Rust programming language that contribute to its preference for the development of malware, limitations in current analysis tools and remediation for the same. A Systematic Literature Review (SLR) was conducted to identify the trends of current research on malware written in the Rust programming language. For experimentation, 40 malware samples belonging to 6 different categories of malware were developed in the C and the Rust programming languages. These samples were compared for their ease of analysis and effectiveness of antivirus evasion. It was observed that academic and individual research in this area is sparse compared to industrial research. Results of the experimentation show that current tools are comparatively less effective at analyzing and reverse engineering malware written in the Rust programming language than those written in C. Moreover, malware written in the Rust programming language evades antivirus detection much better than their C counterparts. Based on the findings, a practical framework to analyze malware written in the Rust programming language is proposed. The findings of this thesis highlight the need for enhanced detection strategies for malware that are written in unconventional programming languages. Overall, it contributes to the broader literature on cybersecurity by offering new perspectives and recommendations for addressing this critical challenge.
Library of Congress Subject Headings
Malware (Computer software); Programming languages (Electronic computers); Rust (Computer program language); C (Computer program language)
Publication Date
5-2023
Document Type
Thesis
Student Type
Graduate
Degree Name
Computing Security (MS)
Advisor
Wesam Almobaideen
Advisor/Committee Member
Kevser Ovaz Akpinar
Recommended Citation
Praveen, Meghna Koorikkattil, "A Comparative Analysis of Malware Written in the C and Rust Programming Languages" (2023). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/11484
Campus
RIT Dubai
Plan Codes
COMPSEC-MS