
In this thesis we study potentially unwanted programs (PUP), a category of undesirable software that, while not outright malicious, contains behaviors that may alter the security state or the privacy of the system on which they are installed.

PUP often comes bundled with freeware, i.e., proprietary software that can be used free of charge. Download portals, i.e., websites that index, categorize, and host programs, are a popular vector for distributing freeware. Download portals can be abused to distribute PUP.

Freeware is often distributed as an installer, i.e., an auxiliary program in charge of performing all installation steps for the target program. During installation, besides the target program desired by the user, the installer may install PUP as well. PUP may be difficult to uninstall and may remain installed on the system after the user tries to uninstall it.

Current malware analysis systems are not able to detect and analyze characteristic behaviors of PUP. For example, current malware analysis systems operate on a single program execution, while detecting incomplete PUP uninstallations requires analyzing two program executions together: the installation and the uninstallation. This thesis presents novel tools to detect and analyze potentially unwanted programs. More concretely, it describes three main contributions.
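The two-execution analysis described above, as an added example that is not taken from the thesis: it replays a constructed installation trace and a constructed uninstallation trace together and reports what survives. The event format, the `uninstall_residue` helper and the ToolbarX names are assumptions made for illustration.

```python
from typing import Iterable, NamedTuple

class Event(NamedTuple):
    op: str    # "create" or "delete"
    kind: str  # "file", "registry" or "service"
    path: str

def _norm(path: str) -> str:
    # Windows paths and registry keys are case-insensitive.
    return path.replace("/", "\\").rstrip("\\").lower()

def live_artifacts(events: Iterable[Event], start=None) -> dict:
    """Replay one trace on top of an optional starting state."""
    live = dict(start or {})
    for ev in events:
        key = (ev.kind, _norm(ev.path))
        if ev.op == "create":
            live[key] = (ev.kind, ev.path)
        elif ev.op == "delete":
            # Deleting a directory or key also removes everything below it.
            prefix = key[1] + "\\"
            for k in [k for k in live if k[0] == ev.kind
                      and (k[1] == key[1] or k[1].startswith(prefix))]:
                del live[k]
    return live

def uninstall_residue(install, uninstall) -> list:
    """Artifacts still present once both executions have run."""
    after_install = live_artifacts(install)
    return sorted(live_artifacts(uninstall, after_install).values())

# Constructed traces (not real sandbox output).
RUN_KEY = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ToolbarX"
INSTALL = [
    Event("create", "file", r"C:\Program Files\ToolbarX\toolbar.exe"),
    Event("create", "file", r"C:\Program Files\ToolbarX\update.dll"),
    Event("create", "file", r"C:\Users\u\AppData\Local\Temp\setup.tmp"),
    Event("delete", "file", r"C:\Users\u\AppData\Local\Temp\setup.tmp"),
    Event("create", "registry", RUN_KEY),
    Event("create", "service", "ToolbarXUpdater"),
]
UNINSTALL = [Event("delete", "file", r"c:\program files\toolbarx")]

if __name__ == "__main__":
    for kind, path in uninstall_residue(INSTALL, UNINSTALL):
        print(f"left behind: {kind:8} {path}")
```

Neither trace alone shows the problem: the installation trace only lists what was created, and the uninstallation trace only lists what was deleted.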
