Metamorphic Viruses Detection Technique Based on the the Modified Emulators
نویسندگان
چکیده
An article presents a new technique for metamorphic viruses detection using modified emulators, placed in the hosts of the network. Proposed technique provides the classification of the metamorphic virus in classes with the usage of the fuzzy logic. Technique makes it possible to detect the metamorphic viruses, which use obfuscation techniques. The results of experimental studies showed the effectiveness of the proposed method of detection metamorphic virus copies at 85%.
منابع مشابه
Metamorphic Virus: Analysis and Detection
Metamorphic viruses transform their code as they propagate, thus evading detection by static signature-based virus scanners, while keeping their functionality. They use code obfuscation techniques to challenge deeper static analysis and can also beat dynamic analyzers, such as emulators, by altering their behavior. To achieve this, metamorphic viruses use several metamorphic transformations, in...
متن کاملDetecting Undetectable Computer Viruses
Signature-based detection relies on patterns present in viruses and provides a relatively simple and efficient method for detecting known viruses. At present, most anti-virus systems rely primarily on signature detection. Metamorphic viruses are one of the most difficult types of viruses to detect. Such viruses change their internal structure, which provides an effective means of evading signat...
متن کاملMetamorphic Viruses' Detection Technique Based on the Equivalent Functional Block Search
The article presents a new technique for metamorphic viruses detection based on the search of equivalent functional blocks. The method takes into account the obfuscation techniques of blocks reordering. The method involves the searching of the correspondences between the functional blocks of the metamorphic versions, and consists of two stages. On the first stage the equivalent functional block...
متن کاملAnalysis and Detection of Metamorphic Computer Viruses
comparison between our approach and commercial virus scanners. I would also like to thank my friends and schoolmates for their technical and emotional support. I want to thank Yue Wang for performing the virus scanning, and Peter Hey for repairing my hard disk after it crashed at the most critical moment. Finally I want to thank my family for their understanding and support throughout my five y...
متن کاملMetamorphic Virus Variants Classification Using Opcode Frequency Histogram
In order to prevent detection and evade signature-based scanning methods, which are normally exploited by antivirus softwares, metamorphic viruses use several various obfuscation approaches. They transform their code in new instances as look entirely or partly different and contain dissimilar sequences of string, but their behavior and function remain unchanged. This obfuscation process allows ...
متن کامل