Metamorphic Malware Analysis and Detection Methods
Authors
Abstract
Malware or malicious code is software causing some unwanted and unauthorized activities on the system in a stealthy manner without the knowledge of the user. Malware activation makes the system vulnerable to malicious activities of the attacker. Malware makes its way to the system because of the lack of security awareness amongst users. It spreads through network vulnerabilities such as email attachments. Malware can be classified as viruses, Trojans, botnets, adware, spyware, rootkits etc. Some of the activities of notable malware are as follows:
Similar resources
The Grand Challenge in Metamorphic Analysis
Malware detection is a crucial aspect of software security. Malware typically resorts to a variety of disguise and concealment techniques in order to avoid detection. Metamorphism is the ability of a program to mutate its form while keeping its functionality unchanged, and therefore its danger in the case of malware. A major challenge in this field is the development of general automatic/systematic detec...
CHI-SQUARED DISTANCE AND METAMORPHIC VIRUS DETECTION A Thesis
CHI-SQUARED DISTANCE AND METAMORPHIC VIRUS DETECTION by Annie H. Toderici Malware are programs that are designed with a malicious intent. Metamorphic malware change their internal structure each generation while still maintaining their original behavior. As metamorphic malware become more sophisticated, it is important to develop efficient and accurate detection techniques. Current commercial a...
Unknown Metamorphic Malware Detection: Modelling with Fewer Relevant Features and Robust Feature Selection Techniques
Detection of metamorphic malware is a challenging problem as a result of high diversity in the internal code structure between generations. Code morphing/obfuscation when applied, reshapes malware code without compromising the maliciousness. As a result, signature based scanners fail to detect metamorphic malware. Prior research in the domain of metamorphic malware detection utilizes similarity...
Metamorphic Malware Detection Using Function Call Graph Analysis
Previous work has shown that well-designed metamorphic malware can evade many commonly-used malware detection techniques, including signature scanning. In this paper, we consider a previously developed score which is based on function call graph analysis. We test this score on challenging classes of metamorphic malware and we show that the resulting detection rates yield an improvement over othe...
A framework for metamorphic malware analysis and real-time detection
Metamorphism is a technique that mutates the binary code using different obfuscations. It is difficult to write a new metamorphic malware and in general malware writers reuse old malware. To hide detection the malware writers change the obfuscations (syntax) more than the behavior (semantic) of such a new malware. On this assumption and motivation, this paper presents a new framework named MARD...
Optimal Features for Metamorphic Malware Detection
Malware or malicious code intends to harm computer systems without the knowledge of system users. This malicious software is unknowingly installed by naive users while browsing the Internet. Once installed, the malware performs unintentional activities like (a) steal username, password; (b) install spy software to provide remote access to the attackers; (c) flood spam messages; (d) perform d...