Masters Theses
Date of Award
5-2003
Degree Type
Thesis
Degree Name
Master of Science
Major
Computer Science
Major Professor
Jens Gregor
Committee Members
Michael G. Thomason, Bradley Vander Zanden
Abstract
This thesis introduces and describes SPARTA (for Stochastic Profiling Application for the Rendering of Trees and Automata), a graphical user interface used as a front end to a collection of tools written in C that collectively convert a log of registry system calls performed by an application into binary descriptions of PSTs (for Probabilistic Suffix Trees) and PSAs (for Probabilistic Suffix Automata), which are models used to represent application behavior on Windows-based systems. SPARTA works by rendering these binary descriptions into graphical form, showcasing a variety of features intended to make the user interaction with PSTs and PSAs informative and insightful.
The ultimate goal of SPARTA is to aid in the process of profiling applications based on the system calls they make, using characteristics from PSTs and PSAs that are more easily noticeable in their graphical form to define “normal” behavior for Windows applications. With knowledge of normal behavior, these very same models can be used to measure deviations that might ultimately result in the destructive actions of malicious mobile code, enabling the user to halt or quarantine them before they take place.
Recommended Citation
Cerqueira, Victor P. De, "SPARTA: A Graphical User Interface for Malicious Mobile Code Fingerprint-ing.. " Master's Thesis, University of Tennessee, 2003.
https://trace.tennessee.edu/utk_gradthes/1933