Skip to main content
Article thumbnail
Location of Repository

By

By Presented To and Scott Mcghee and Scott Mcghee

Abstract

Computer viruses and other forms of malware pose a threat to virtually any software system. A computer virus is a piece of software which takes advantage of known weaknesses in a software system, and usually has the ability to deliver a malicious payload. A common technique that virus writers use to avoid detection is to enable the virus to change itself by having some kind of self-modifying code. This kind of virus is commonly known as a metamorphic virus, and can be particularly difficult to detect [18]. Existing virus detection software is continually being improved upon in order to keep up with the rising complexity of today’s modern computer viruses. A new approach to detecting metamorphic viruses, which is an extension of an idea posed in a student writing project from a previous semester [18], will be considered in this project. If a large set of viruses in one “family ” of metamorphic viruses can be treated as simple sequences of op-codes, then sequence analysis techniques used in other fields of study like bioengineering [5] could be used to develop a profile hidden Markov model (HMM). This profile would then be used to score an arbitrary op-code sequence (i.e. a progra

Year: 2007
OAI identifier: oai:CiteSeerX.psu:10.1.1.134.2469
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cs.sjsu.edu/faculty... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.