Analysis and effectiveness of signature based in detecting metamorphic virus
Computer viruses and other forms of malware have viewed as a threat to any software system. A computer virus is a piece of software which takes advantage of known weaknesses in a software system. It has the capability to deliver a malicious infection. A common technique that virus writers use to avo...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2010
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/12075/6/SyahrizalAzmirSharifMFSKSM2010.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.12075 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.120752017-09-28T04:27:44Z Analysis and effectiveness of signature based in detecting metamorphic virus 2010-04 Md. Sharif, Syahrizal Azmir QA75 Electronic computers. Computer science Computer viruses and other forms of malware have viewed as a threat to any software system. A computer virus is a piece of software which takes advantage of known weaknesses in a software system. It has the capability to deliver a malicious infection. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of self-modifying code. This kind of virus is commonly known as a metamorphic virus, and can be particularly difficult to detect. As being discussed, metamorphic viruses have a potential to avoid any signature-based detection schemes by implementing code obfuscation techniques in an effort to defeat it. In metamorphic virus, if dead code is added and the control flow is changed sufficiently by inserting jump statements, the virus cannot be detected. In this project we first developed a code obfuscation engine. We then used this engine to create metamorphic variants of a seed virus and performed the validity of the statement about metamorphic viruses and signature based detectors. Last but not least, we have propose a profile which enclose the information about the existing metamorphic viruses infection. 2010-04 Thesis http://eprints.utm.my/id/eprint/12075/ http://eprints.utm.my/id/eprint/12075/6/SyahrizalAzmirSharifMFSKSM2010.pdf application/pdf en public masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems Faculty of Computer Science and Information System |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
QA75 Electronic computers Computer science |
| spellingShingle |
QA75 Electronic computers Computer science Md. Sharif, Syahrizal Azmir Analysis and effectiveness of signature based in detecting metamorphic virus |
| description |
Computer viruses and other forms of malware have viewed as a threat to any software system. A computer virus is a piece of software which takes advantage of known weaknesses in a software system. It has the capability to deliver a malicious infection. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of self-modifying code. This kind of virus is commonly known as a metamorphic virus, and can be particularly difficult to detect. As being discussed, metamorphic viruses have a potential to avoid any signature-based detection schemes by implementing code obfuscation techniques in an effort to defeat it. In metamorphic virus, if dead code is added and the control flow is changed sufficiently by inserting jump statements, the virus cannot be detected. In this project we first developed a code obfuscation engine. We then used this engine to create metamorphic variants of a seed virus and performed the validity of the statement about metamorphic viruses and signature based detectors. Last but not least, we have propose a profile which enclose the information about the existing metamorphic viruses infection. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Md. Sharif, Syahrizal Azmir |
| author_facet |
Md. Sharif, Syahrizal Azmir |
| author_sort |
Md. Sharif, Syahrizal Azmir |
| title |
Analysis and effectiveness of signature based in detecting metamorphic virus |
| title_short |
Analysis and effectiveness of signature based in detecting metamorphic virus |
| title_full |
Analysis and effectiveness of signature based in detecting metamorphic virus |
| title_fullStr |
Analysis and effectiveness of signature based in detecting metamorphic virus |
| title_full_unstemmed |
Analysis and effectiveness of signature based in detecting metamorphic virus |
| title_sort |
analysis and effectiveness of signature based in detecting metamorphic virus |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems |
| granting_department |
Faculty of Computer Science and Information System |
| publishDate |
2010 |
| url |
http://eprints.utm.my/id/eprint/12075/6/SyahrizalAzmirSharifMFSKSM2010.pdf |
| _version_ |
1747814894701379584 |