The Art of Computer Virus Research and Defense
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Approximate detection of machine-morphed variants of malicious programs
A method is proposed that applies techniques from the discipline of forensic linguistics to the problem of detecting machine-generated malicious programs, such as metamorphic malware, by attempting to attribute a suspect program to a known malware-generator. This method considerably reduces the burden of having to store one signature for every known malware instance. The proposed method was tested on a number of toolkit-generated malware instances (NGVCK and VCL) and metamorphic instances (Evol and Simile), and achieved a detection accuracy of up to 92% for the toolkits and engines that were experimented with.