Automated Generation of Malware Metadata Signatures

Author

Joel Schott, Missouri University of Science and Technology

Keywords and Phrases

automatic; email; malware; metadata; signature; ZIP

Abstract

In advanced, targeted malware attacks, the custom software tools used to package and send malicious files and messages can lead to distinctive metadata values that facilitate creation of a malware metadata signature. Manual creation of these signatures requires expert domain knowledge and is time-consuming and error-prone. Our goal is to automate this process. We created several methods of automatically generating malware metadata signatures for ZIP files and emails. We evaluated these methods by comparing signatures generated with these methods to existing expert-created signatures. We found automated methods for ZIP files and emails that are capable of generating metadata signatures that are comparable to the expert-created signatures.

Advisor(s)

Sedigh, Sahra

Committee Member(s)

Smutz, Charles
Taylor, Patrick

Department(s)

Computer Science

Degree Name

M.S. in Computer Science

Publisher

Missouri University of Science and Technology

Publication Date

2025

Pagination

viii, 35 pages

Note about bibliography

Includes_bibliographical_references_(pages 32-34)

Rights

© 2025 Joel Schott , All Rights Reserved

Document Type

Thesis - Open Access

File Type

text

Language

English

Thesis Number

T 12499

Recommended Citation

Schott, Joel, "Automated Generation of Malware Metadata Signatures" (2025). Masters Theses. 8241.
https://scholarsmine.mst.edu/masters_theses/8241