On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus
Computer viruses and other forms of malware have viewed as a threat to any software system. They have the capability to deliver a malicious infection. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of selfmodifying code. This...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/6307/1/On_Analysis_and_Effectiveness_of_Signature_Based_in_Detecting_Metamorphic_Virus.pdf http://umpir.ump.edu.my/id/eprint/6307/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Malaysia Pahang Al-Sultan Abdullah |
| Language: | English |
| id |
my.ump.umpir.6307 |
|---|---|
| record_format |
eprints |
| spelling |
my.ump.umpir.63072018-01-22T02:04:59Z http://umpir.ump.edu.my/id/eprint/6307/ On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus Imran Edzereiq, Kamarudin Syahrizal Azmir, Md Sharif Tutut, Herawan QA76 Computer software Computer viruses and other forms of malware have viewed as a threat to any software system. They have the capability to deliver a malicious infection. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of selfmodifying code. This kind of virus is commonly known as a metamorphic virus, and can be particularly difficult to detect. Metamorphic viruses have a potential to avoid any signaturebased detection schemes by implementing code obfuscation techniques in an effort to defeat it. In metamorphic virus, if dead code is added and the control flow is changed sufficiently by inserting jump statements, the virus cannot be detected. In this paper we first developed a code obfuscation engine. We then used this engine to create metamorphic variants of a seed virus and performed the validity of the statement about metamorphic viruses and signature based detectors. Last but not least, we have propose a profile which enclose the information about the existing metamorphic viruses infection. 2013 Article PeerReviewed application/pdf en http://umpir.ump.edu.my/id/eprint/6307/1/On_Analysis_and_Effectiveness_of_Signature_Based_in_Detecting_Metamorphic_Virus.pdf Imran Edzereiq, Kamarudin and Syahrizal Azmir, Md Sharif and Tutut, Herawan (2013) On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus. International Journal of Security and Its Applications, 7 (4). pp. 375-385. (Published) |
| institution |
Universiti Malaysia Pahang Al-Sultan Abdullah |
| building |
UMPSA Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Malaysia Pahang Al-Sultan Abdullah |
| content_source |
UMPSA Institutional Repository |
| url_provider |
http://umpir.ump.edu.my/ |
| language |
English |
| topic |
QA76 Computer software |
| spellingShingle |
QA76 Computer software Imran Edzereiq, Kamarudin Syahrizal Azmir, Md Sharif Tutut, Herawan On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| description |
Computer viruses and other forms of malware have viewed as a threat to any software system. They have the capability to deliver a malicious infection. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of selfmodifying code. This kind of virus is commonly known as a metamorphic virus, and can be particularly difficult to detect. Metamorphic viruses have a potential to avoid any signaturebased detection schemes by implementing code obfuscation techniques in an effort to defeat it. In metamorphic virus, if dead code is added and the control flow is changed sufficiently by inserting jump statements, the virus cannot be detected. In this paper we first developed a code obfuscation engine. We then used this engine to create metamorphic variants of a seed virus and performed the validity of the statement about metamorphic viruses and signature based detectors. Last but not least, we have propose a profile which enclose the information about the existing metamorphic viruses infection. |
| format |
Article |
| author |
Imran Edzereiq, Kamarudin Syahrizal Azmir, Md Sharif Tutut, Herawan |
| author_facet |
Imran Edzereiq, Kamarudin Syahrizal Azmir, Md Sharif Tutut, Herawan |
| author_sort |
Imran Edzereiq, Kamarudin |
| title |
On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| title_short |
On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| title_full |
On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| title_fullStr |
On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| title_full_unstemmed |
On Analysis and Effectiveness of Signature Based in Detecting Metamorphic Virus |
| title_sort |
on analysis and effectiveness of signature based in detecting metamorphic virus |
| publishDate |
2013 |
| url |
http://umpir.ump.edu.my/id/eprint/6307/1/On_Analysis_and_Effectiveness_of_Signature_Based_in_Detecting_Metamorphic_Virus.pdf http://umpir.ump.edu.my/id/eprint/6307/ |
| _version_ |
1822916359159283712 |