Yara 規則快速篩選偵測 Mirai 惡意程式之研究

文化大學機構典藏 CCUR > 商學院 > 資訊管理學系暨資訊管理研究所 > 博碩士論文 > Item 987654321/51080

Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/51080

Title:	Yara 規則快速篩選偵測 Mirai 惡意程式之研究 The Study of Fast Filtering Mirai Malware via Yara Rules
Authors:	邱友仁
Contributors:	資訊管理學系碩士在職專班
Keywords:	Yara規則快速篩選偵測 Mirai 惡意程式 Yara rule Filtering Mirai malware
Date:	2022
Issue Date:	2023-02-21 14:03:41 (UTC+8)
Abstract:	近年來新冠肺炎(Covid 19)肆虐全球的情況下，配合政府防疫措施許多人居家辦公，物聯網設備取代人力的需求量逐漸增加。透過遠端連線與VPN跳板方式連到系統與設備，讓駭客入侵的機會的風險也增加，當資訊設備遭受駭客入侵時涉及商業利益與個人資料洩漏等風險。為避免被入侵淪落成駭客的殭屍網路成員。本研究主要探討為殭屍網路Mirai病毒原始程式碼之研究，透過原始程式碼了解程式碼行為與特徵，並透過Yara規則快速篩選偵測Mirai惡意程式。 Due to the global pandemic (Covid 19) in recent years, most people work from home under the government's epidemic prevention measures; the demand for replacing human resources with the Internet of Things devices is also gradually increasing. These methods of connecting to systems and devices through remote connections and VPN jumpers increase the chances of being hacked. When information equipment is hacked, it may lead to risks such as business loss and personal data leakage. To avoid being invaded and becoming a member of the hacker's botnet, this study focuses on the source code of "the Mirai virus" for botnets. The study focuses on the behavior and characteristics of the botnets through the original code and detecting Mirai malware filtering with the Yara rule.
Appears in Collections:	[Department of Information Management & Graduate Institute of Information Management] Thesis

Files in This Item:

File	Description	Size	Format
index.html		0Kb	HTML	173	View/Open

View Licence

Loading...