Abstract

The use of malware as a tool for cybercrime has become increasingly prevalent in recent years, resulting in significant economic losses and security threats. Conventionally, malware is written in C/C++. However, a recent trend has been observed where other languages are being used to write malware. One such language is the Rust programming language. This thesis aims to explore the aspects of the Rust programming language that contribute to its preference for the development of malware, limitations in current analysis tools and remediation for the same. A Systematic Literature Review (SLR) was conducted to identify the trends of current research on malware written in the Rust programming language. For experimentation, 40 malware samples belonging to 6 different categories of malware were developed in the C and the Rust programming languages. These samples were compared for their ease of analysis and effectiveness of antivirus evasion. It was observed that academic and individual research in this area is sparse compared to industrial research. Results of the experimentation show that current tools are comparatively less effective at analyzing and reverse engineering malware written in the Rust programming language than those written in C. Moreover, malware written in the Rust programming language evades antivirus detection much better than their C counterparts. Based on the findings, a practical framework to analyze malware written in the Rust programming language is proposed. The findings of this thesis highlight the need for enhanced detection strategies for malware that are written in unconventional programming languages. Overall, it contributes to the broader literature on cybersecurity by offering new perspectives and recommendations for addressing this critical challenge.

Library of Congress Subject Headings

Malware (Computer software); Programming languages (Electronic computers); Rust (Computer program language); C (Computer program language)

Publication Date

5-2023

Document Type

Thesis

Student Type

Graduate

Degree Name

Computing Security (MS)

Advisor

Wesam Almobaideen

Advisor/Committee Member

Kevser Ovaz Akpinar

Campus

RIT Dubai

Plan Codes

COMPSEC-MS

Download

Share

COinS