Beschreibung
A metamorphic computer virus employs different obfuscation techniques to mutate its code, in its new instance in the new infected file. The mutated instance has the similar behavior and function of the original virus, but the binary pattern of the code is entirely different from its parent. Therefore, metamorphic variants of a virus family cannot be simply detected by most of commercial antivirus products, because their solutions depend on a signature database and employ string signature-based detection methods. Hence, the antivirus detection engine can be evaded by obfuscation techniques, easily. This book is a technical report of a PhD research on the metamorphic computer viruses, their characteristics and features, and detection methods. In this research, a machine learning based model (Hidden Markov Model) has been developed to classify and detect this type of malware. In the proposed method, a HMM is designed and trained on the statistical features of opcodes of executable viral files. This model can be employed to recognize the similar patterns and detect other variants of the same family of metamorphic viruses. The evaluation of the proposed method is discussed in details.
Autorenporträt
Dr. Babak Bashari Rad is a PhD in Computer Science from University Technology of Malaysia. His main research area includes Machine Learning and Information Security. Currently, he is Program Leader of Postgraduate Studies and Senior Lecturer in School of Computing and Technology, Asia Pacific University of Technology and Innovation (APU), Malaysia.
Herstellerkennzeichnung:
OmniScriptum SRL
Str. Armeneasca 28/1, office 1
2012 Chisinau
MD
E-Mail: info@omniscriptum.com
