Name
Abstract | ||
|---|---|---|
To successfully identify the metamorphic viruses oriented from the same base, anti-virus software has adopted the code normalization technique to transform the variations to a more uniform signature representation. Current code normalization technique focuses on the simplification of the arithmetical or logical operators. In this paper, we introduce a new technique of generating metamorphic viruses by embedding complicated manipulation functions that cannot be normalized into the malicious executables. Using encryption/decryption functions as an example, we present this evasion strategy that malware writers could employ in the future. We demonstrate the strategy's effectiveness in evading detection by current anti-virus technologies. We also discuss the potential mitigation mechanisms. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1109/MILCOM.2011.6127478 | 2011 - MILCOM 2011 MILITARY COMMUNICATIONS CONFERENCE |
Keywords | Field | DocType |
encryption,malware,databases,registers,semantics | Cryptovirology,Normalization (statistics),Embedding,Computer science,Theoretical computer science,Encryption,Software,Operator (computer programming),Malware,Executable | Conference |
Citations | PageRank | References |
0 | 0.34 | 7 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Rodney Owens | 1 | 110 | 5.60 |
| Weichao Wang | 2 | 500 | 33.87 |