A framework for malware analysis in a stand-alone email-server | Daniel Tolboe Handler
| Abstract | 100,000,000,000 spam mails are sent and received every day. Even though most email clients are equipped with spam filters, the common user still receives a severe amount of unwanted emails every day. The problem for spam filters is the fact that the user expects the filter to let every genuine email through. When spam filters lower the rate of false positives (genuine emails marked malicious), they increase the rate of false negatives (malicious emails marked genuine). This increases the need for user awareness, to ensure that he does not open any unwanted email.
This project proposes a solution to which the user can forward an email that is marked genuine by the spam filter but looks suspicious to the user. In return, the user receives an exhaustive analysis of the content of the email, whether the content is a link in the email or an attached file. The solution will be implemented as a framework written in Python on a stand-alone email server. The framework will include static and dynamic file analysis as well as passive and active link analysis. |
| Type | Master's thesis [Academic thesis] |
| Year | 2017 |
| Publisher | Technical University of Denmark, Department of Applied Mathematics and Computer Science |
| Address | Richard Petersens Plads, Building 324, DK-2800 Kgs. Lyngby, Denmark, compute@compute.dtu.dk |
| Series | DTU Compute M.Sc.-2017 |
| Note | DTU supervisor: Christian D. Jensen, cdje@dtu.dk, DTU Compute |
| Electronic version(s) | [pdf] |
| Publication link | http://www.compute.dtu.dk/english |
| BibTeX data | [bibtex] |
| IMM Group(s) | Computer Science & Engineering |