Show simple item record

dc.contributor.advisorSarkar, Nurul
dc.contributor.authorAlwaghid, Alhanoof
dc.date.accessioned2019-05-20T23:48:15Z
dc.date.available2019-05-20T23:48:15Z
dc.date.copyright2019
dc.identifier.urihttp://hdl.handle.net/10292/12516
dc.description.abstractMalware is one of the most common security threats experienced by the user when browsing webpages. A good understanding of the features of webpages (e.g. internet protocol, port, URL, Google index, HTTPS token, and page rank) is required to analyse and mitigate the behaviour of malware in a webpage. In this paper, an experimental analysis is performed to identify the features in webpages that are most vulnerable to malware attack and its results are reported. To improve the feature selection accuracy, a machine learning technique called bagging is employed. To analyse these behaviour, phishing and botnet data were obtained from University of California Irvine machine learning repository. To validate the findings, honeypot infrastructure is applied by using the Modern Honeypot Network (MHN) set-up in a Linode server. As the data suffer from high variance in terms of the type of data in each row, bagging is chosen because it can classify binary class, date class, missing values, nominal class, numeric class, unary class and empty class. As a base classifier of bagging, random tree is applied because it can handle similar types of data as bagging, but better than other classifiers because it is faster and more accurate. The findings of the research show that all features in botnet dataset are equally important to identify the malicious behaviour as all scored more than 97%, with the exception of TCP and UDP. During the research experiment, it was discovered that the accuracy of phishing and botnet datasets is more than 89% average in both cross validation and test analysis. The study concludes by offering recommendations and future research directions that may assist in future malware identification.en_NZ
dc.language.isoenen_NZ
dc.publisherAuckland University of Technology
dc.subjectEnsemble methoden_NZ
dc.subjectMalicious softwareen_NZ
dc.subjectBaggingen_NZ
dc.subjectRandom treeen_NZ
dc.subjectFeature selectionen_NZ
dc.titleA Study of Malware Behaviour of Webpagesen_NZ
dc.typeThesisen_NZ
thesis.degree.grantorAuckland University of Technology
thesis.degree.levelMasters Theses
thesis.degree.nameMaster of Information Security and Digital Forensicsen_NZ
dc.rights.accessrightsOpenAccess
dc.date.updated2019-05-20T00:30:36Z


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record