作者: A.H. Sung , J. Xu , P. Chavez , S. Mukkamala
DOI: 10.1109/CSAC.2004.37
关键词:
摘要: Software security assurance and malware (Trojans, worms, viruses, etc.) detection are important topics of information security. obfuscation, a general technique that is useful for protecting software from reverse engineering, can also be used by hackers to circumvent the tools. Current static techniques have serious limitations, sandbox testing fails provide complete solution due time constraints. In this paper, we present robust signature-based technique, with emphasis on detecting obfuscated (or polymorphic) mutated metamorphic) malware. The hypothesis all versions same share common core signature combination several features code. After particular has been first identified, it analyzed extract signature, which provides basis variants mutants in future. Encouraging experimental results large set recent presented.