Metamorphic authorship recognition using Markov models

2008-05-01

Mohamed R. Chouchane

University of Louisiana at Lafayette, USA

Andrew Walenstein

University of Louisiana at Lafayette, USA

Arun Lakhotia

University of Louisiana at Lafayette, USA

Editor: Helen Martin

Abstract

Automated code morphing techniques can make malware recognition difficult. In this article researchers at the University of Lafayette propose a method that can be used to decide whether a binary is a variant of a known item of metamorphic malware by treating the morphing engine as an author.

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

May 2008

PDF

Please register to download the PDF

Comment

Online banking call to arms

News

Malware prevalence report

March 2008

Features

Algorithms for grouping similar samples in malware analysis
Metamorphic authorship recognition using Markov models

Spam Bulletin

Poll

Are you still running IE 6?

Leave a comment

VB2010

VB2010 will take place 29 September-1 October 2009 at the Westin Bayshore, Vancouver, BC, Canada. VB is currently seeking submissions from those wishing to present papers at VB2010. Full details are in the call for papers.

Virus Bulletin currently has 187,822 registered users.

Fighting malware and spam

Metamorphic authorship recognition using Markov models

Mohamed R. Chouchane

Andrew Walenstein

Arun Lakhotia

PDF

Comment

News

Malware prevalence report

Features

Opinion

Product review

Calendar

Spam Bulletin

See also

Poll

VB2010