Abstract

It is difficult to fully know the effects a piece of software will have on your computer, particularly when the software is distributed by an unknown source. The research in this paper focuses on malware detection, virtualization, and sandbox/honeypot techniques with the goal of improving the security of installing useful, but unverifiable, software. With a combination of these techniques, it should be possible to install software in an environment where it cannot harm a machine, but can be tested to determine its safety. Testing for malware, performance, network connectivity, memory usage, and interoperability can be accomplished without allowing the program to access the base operating system of a machine. After the full effects of the software are understood and it is determined to be safe, it could then be run from, and given access to, the base operating system. This thesis investigates the feasibility of creating a system to verify the security of unknown software while ensuring it will have no negative impact on the host machine.

Library of Congress Subject Headings

Computer security--Computer programs; Virtual computer systems; Malware (Computer software); Computer software--Evaluation

Publication Date

10-27-2008

Document Type

Thesis

Student Type

Graduate

Degree Name

Computing Security (MS)

Department, Program, or Center

Department of Computing Security (GCCIS)

Advisor

Peter Lutz

Advisor/Committee Member

Hans-Peter Bischof

Advisor/Committee Member

Sidney Marshall

Campus

RIT – Main Campus

Plan Codes

COMPSEC-MS

Download

Share

COinS