Metamorphic Virus Research Papers - Academia.edu

Recent papers in metamorphic Virus

Metamorphic viruses engage different mutation techniques to escape string-signature-based scanning. They try to change their code in new offspring so that the variants appear dissimilar and share no common string sequences that could serve as a signature. However, all versions of a metamorphic virus have a similar task and performance. This obfuscation process helps to keep them safe from string-based signature detection. In this study, we make use of statistical features of instructions to compare the similarity of two host files probably occupied by two mutated forms of a specific metamorphic virus. The solution introduced in this paper relies on static analysis and employs the frequency histogram of machine opcodes in different instances of obfuscated viruses. We use Minkowski-form histogram distance measurements to check the likeness of portable executables (PE). The purpose of this research is to present the idea that, for a number of special obfuscation approaches, the presented solution can be used to identify morphed copies of a file. Thus, it can be applied by antivirus scanners to recognize different versions of a metamorphic virus.

This chapter presents an outline of the challenges involved in constructing efficient malware detection engines using hybrid CPU/GPU-accelerated architectures and discusses how one can overcome such challenges. Starting with a general problem description for malware detection and moving on to the algorithmic background involved in solving it, we present a review of the existing approaches for detecting malware and discuss how such approaches may be improved through GPU-accelerated processing. We describe and discuss several hybrid hardware architectures built for detecting malicious software and outline the particular characteristics of each, separately, followed by a debate on their performance and most suitable application in real-world environments. Finally, we tackle the problem of performing real-time malware detection and present the most important aspects which need to be taken into account in intrusion detection systems.

A short paper on the troubles of Stuxnet

In order to prevent detection and evade the signature-based scanning methods normally used by anti-virus software, metamorphic viruses use various obfuscation approaches. They transform their code in new instances so that the instances look entirely or partly different and contain dissimilar string sequences, but their behavior and function remain unchanged. This obfuscation process allows them to stay away from string-based signature detection. In this research, we use a statistical technique to compare the similarity between two files infected by two morphed versions of a given metamorphic virus. Our proposed solution is based on static analysis and uses the histogram of machine instruction frequency in various offspring of obfuscated viruses. We use the Euclidean histogram distance metric to compare a pair of portable executable (PE) files. The aim of this study is to show that, for some particular obfuscation methods, the presented solution can be used to detect morphed varieties of a file. Hence, it can be utilized by non-string-based signature scanning to identify whether a file is a version of a metamorphic virus or not.

In current times, anti-virus scanners are usually built on signatures which look for known patterns in order to decide if a file is virus infected. Hackers have incorporated code obfuscation methods to generate highly metamorphic system malware in order to evade detection by signature-based scanners. Signature-based scanners may not be able to detect all instances of such viruses, since metamorphic malware changes its appearance from one generation to another. Metamorphic malware is one of the many techniques that hackers use to attack systems. This paper explores the common types of computer malware and metamorphic computer viruses while reviewing the different techniques of metamorphic malware which are able to avoid detection.

Morphing engines or mutation engines are used by metamorphic viruses to change the code appearance in every new generation. The purpose of these engines is to escape from the signature-based scanner, which employs a unique string signature to detect the virus. Although the obfuscation techniques try to convert the binary sequence of the code, in some techniques the statistical features of the code binaries remain relatively unchanged. Accordingly, this feature can be utilized to classify the engine and detect the morphed virus code. In this article, we introduce a new idea to classify the obfuscation engines based on their code statistical features using histogram comparison.

Detection tools such as virus scanners have performed poorly, particularly when facing previously unknown viruses or novel variants of existing ones. This study proposes an efficient and novel method based on arbitrary length of control flow graphs (ALCFG) and similarity of the aligned ALCFG matrix. The metamorphic viruses are generated by two tools, namely the next generation virus creation kit (NGVCK0.30) and the virus creation lab for Windows 32 (VCL32). The results show that all the generated metamorphic viruses can be detected by using the suggested approach, while less than 62% are detected by well-known antivirus software.

A metamorphic virus employs code obfuscation techniques to mutate itself. It evades signature-based detection systems by modifying its internal structure without compromising its original functionality. In this paper, we propose a new method for detecting metamorphic computer viruses that is based on the technique of Case-Based Reasoning (CBR). In this method:

- Similar viruses can be detected with high probability.
- The virus database is updated automatically without connecting to the Internet. Whenever a new virus is detected, it is automatically added to the database used by our application. This presents a major advantage.