Increasing chances of survival for malware using theory of natural selection and the selfish gene

Abstract

Malware, short for malicious software, is used as a general term for computer viruses, Trojan horses, worms, and other harmful software or code. Malware authors try to obfuscate their code in order to evade antiviral programs. Antiviral programs use different analysis techniques in order to detect different encryption and obfuscation methods. Survivability of malware becomes the main concern for an attacker, since the malware should usually be able to spread to other computers, use the resources of the victim's computer, and create new copies of itself. In this thesis, inspired by Darwin's theory of natural selection and the selfish gene concept explained by Richard Dawkins, we propose novel methods which increase the chance of survivability for malware. We implement selfishness, altruistic behavior, mimicry, group selection, and similar behavior models in our experimental malware, and we also test our techniques against existing solutions. We develop tools in order to enhance existing malware with the features presented in this thesis. The effectiveness of the proposed techniques is presented, and an experimental test is carried out with a dataset containing more than 300,000 malware samples. Group behavior models are also introduced, and methods are proposed for enhancing botnets to have better stability (evolutionarily stable botnet).
