A Masters Defense given by Arnav Bhandari.  

Every computer application executes thousands of lines of machine level instructions. This thesis seeks to develop a dynamic analysis of these instructions and create profiles that are indicative of what the application’s behavior is. A dynamic analysis of Linux instructions is done to create a profile based on the counts or sequences of the disassembled machine level instructions. Further analysis is done to only consider subsets of these thousands of lines of code. To reduce the features in the profiles, the value of including/ excluding library calls to distinguish behavior is considered. Other criteria including mapping to fewer categories and varying the length of the sequence size is considered and the impact on correctly identifying behavior is studied. This research is done specifically on single-threaded Linux utilities since they are easily available and perform a wide range of different functions with similar and dissimilar projected behavior.