Project Description: This project implements and evaluates a bounded feature space behavior
modeling (BOFM) framework for scalable malware detection. BOFM models the
interactions between software (which can be malware or benign) and security-critical OS
resources in a scalable manner. Malware performs various actions on one or more OS
resource instances. In the proposed BOFM, for each OS resource type, the set of actions
performed by the software on each individual security-critical OS resource instance is
monitored, and based on these collected features the BOFM algorithm decides whether the
software is malware or a benign application. The proposed approach achieves scalability by
placing an upper bound on the number of features extracted.
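
An added example (not code from the project) of how a feature space can be bounded in this way. It assumes a feature is a pair of resource type and the set of actions performed on one instance, so the vector length depends only on the action vocabulary and not on how many instances a program touches. The resource types, action names and sample trace are constructed for illustration.

```python
from itertools import combinations

# Assumed resource types and monitored actions (hypothetical; the page names none).
ACTIONS = {
    "file": ("create", "read", "write", "delete"),
    "registry": ("read", "write", "delete"),
    "process": ("create", "inject", "terminate"),
}

def feature_space(actions=ACTIONS):
    """Every (resource type, non-empty action set) pair, in a fixed order."""
    space = []
    for rtype in sorted(actions):
        acts = actions[rtype]
        for k in range(1, len(acts) + 1):
            for combo in combinations(acts, k):
                space.append((rtype, frozenset(combo)))
    return space

def extract(trace, actions=ACTIONS):
    """Map (resource type, instance, action) events to a fixed-length 0/1 vector."""
    per_instance = {}
    for rtype, instance, action in trace:
        # Events outside the monitored vocabulary do not grow the feature space.
        if rtype in actions and action in actions[rtype]:
            per_instance.setdefault((rtype, instance), set()).add(action)
    # Instance names are discarded: only the action set seen per type survives.
    seen = {(rtype, frozenset(acts)) for (rtype, _), acts in per_instance.items()}
    return [1 if feature in seen else 0 for feature in feature_space(actions)]

def constructed_trace(n_files):
    """Constructed sample: read and overwrite n_files files, write one registry value."""
    trace = []
    for i in range(n_files):
        path = f"C:/docs/file{i}.txt"
        trace.append(("file", path, "read"))
        trace.append(("file", path, "write"))
    trace.append(("registry", "HKCU/Software/Example/Setting", "write"))
    return trace

if __name__ == "__main__":
    small = extract(constructed_trace(3))
    large = extract(constructed_trace(3000))
    print(len(feature_space()), sum(small), small == large)
```

A program touching 3 files and one touching 3000 produce the same vector, which is what keeps the model size independent of the number of resource instances.
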
The document covers the background, previous research, the motivation drawn
from that research, the architecture of the proposed solution, the functionality of the
application, which is designed to detect malware in online applets and JAR files,
the project's test cases, and finally the conclusion and future work.