Metamorphic authorship recognition using Markov models

2008-05-01

Mohamed R. Chouchane

University of Louisiana at Lafayette, USA

Andrew Walenstein

University of Louisiana at Lafayette, USA

Arun Lakhotia

University of Louisiana at Lafayette, USA
Editor: Helen Martin

Abstract

Automated code morphing techniques can make malware recognition difficult. In this article researchers at the University of Lafayette propose a method that can be used to decide whether a binary is a variant of a known item of metamorphic malware by treating the morphing engine as an author.


The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.


Poll

How should software and OS patching/security updates be managed?
Manually, at the user's discretion
Automatically via an optional, user-defined schedule
Automatically via a fixed, but optional schedule
Automatically via a fixed schedule, on by default with opt-out system
Automatically and silently, with no option to run unpatched

Leave a comment
View 19 comments

Jobs Recruit Sidebar

Malware Prevalence

Dropper-misc |################|
Waledac |###############|
Agent |###########|
NetSky |#######|
Invoice |######|
 View this month's full report
Virus Bulletin currently has 165,683 registered users.