A metamorphic computer virus employs different obfuscation techniques to mutate its code in each new instance it places in a newly infected file. The mutated instance has similar behavior and function to the original virus, but the binary pattern of its code is entirely different from its parent's. Therefore, metamorphic variants of a virus family cannot simply be detected by most commercial antivirus products, because those products depend on a signature database and employ string signature-based detection methods. Hence, obfuscation techniques can easily evade the antivirus detection engine. This book is a technical report on PhD research into metamorphic computer viruses, their characteristics and features, and methods for detecting them. In this research, a machine-learning-based model (a Hidden Markov Model) has been developed to classify and detect this type of malware. In the proposed method, an HMM is designed and trained on the statistical features of the opcodes of executable viral files. This model can be employed to recognize similar patterns and detect other variants of the same family of metamorphic viruses. The evaluation of the proposed method is discussed in detail.