Extraction and analysis of malware samples installed by web exploit kits

OData support
Dr. Bencsáth Boldizsár
Department of Networked Systems and Services

To avoid malware infections and getting thorough knowledge about them we need continuous research. Frequent behavior is that a victim gets malware infection during browsing via so called exploit-kits. These exploit-kits usually exploit vulnerabilities of the browser, or exploit the vulnerabilities of 3rd party plug-ins, extensions (Adobe Flash, Java, Microsoft Silverlight, ...) available in the browser. These plug-ins extensions are usually installed and rarely updated thus broadening the attack surface on the victim. Through these exploitations the attackers can run their own code inside the victim computer thus infecting it. The point of this thesis is to get known this infection better in particular with regard to the malware sample. For this I built a system which is able to extract and store malware samples from this kind of infections and collects behavior information with the help of dynamic analysis about the sample. The system is also able to track the awareness of the specific extracted sample.


Please sign in to download the files of this thesis.