Advanced Metamorphic Techniques in Computer Viruses
نویسنده
چکیده
Nowadays viruses use polymorphic techniques to mutate their code on each replication, thus evading detection by antiviruses. However detection by emulation can defeat simple polymorphism: thus metamorphic techniques are used which thoroughly change the viral code, even after decryption. We briefly detail this evolution of virus protection techniques against detection and then study the METAPHOR virus, today’s most advanced metamorphic virus. Keywords—Computer virus, Viral mutation, Polymorphism, Metamorphism, MetaPHOR, Virus history, Obfuscation, Viral genetic techniques
منابع مشابه
Advanced Polymorphic Techniques
Nowadays viruses use polymorphic techniques to mutate their code on each replication, thus evading detection by antiviruses. However detection by emulation can defeat simple polymorphism: thus metamorphic techniques are used which thoroughly change the viral code, even after decryption. We briefly detail this evolution of virus protection techniques against detection and then study the METAPHOR...
متن کاملMetamorphic Virus: Analysis and Detection
Metamorphic viruses transform their code as they propagate, thus evading detection by static signature-based virus scanners, while keeping their functionality. They use code obfuscation techniques to challenge deeper static analysis and can also beat dynamic analyzers, such as emulators, by altering their behavior. To achieve this, metamorphic viruses use several metamorphic transformations, in...
متن کاملMetamorphic Viruses Detection Technique Based on the the Modified Emulators
An article presents a new technique for metamorphic viruses detection using modified emulators, placed in the hosts of the network. Proposed technique provides the classification of the metamorphic virus in classes with the usage of the fuzzy logic. Technique makes it possible to detect the metamorphic viruses, which use obfuscation techniques. The results of experimental studies showed the eff...
متن کاملDetecting Metamorphic Viruses Using Profile Hidden Markov Models
Detecting Metamorphic Viruses using Profile Hidden Markov Models By Srilatha Attaluri Metamorphic computer viruses “mutate” by changing their structure every time they propagate. Unlike other viruses, they use code obfuscation techniques on the body of the virus and do not exhibit a common signature. With the advent of construction kits, it is easy to generate various metamorphic strains of a v...
متن کاملAnalysis and Detection of Metamorphic Computer Viruses
comparison between our approach and commercial virus scanners. I would also like to thank my friends and schoolmates for their technical and emotional support. I want to thank Yue Wang for performing the virus scanning, and Peter Hey for repairing my hard disk after it crashed at the most critical moment. Finally I want to thank my family for their understanding and support throughout my five y...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008