Metamorphic Virus Variants Classification Using Opcode Frequency Histogram

Computer Science – Cryptography and Security

Scientific paper

Rate now

[ 4.70 ] – excellent Voters 1 Comments 1

Details Metamorphic Virus Variants Classification Using Opcode Frequency Histogram Metamorphic Virus Variants Classification Using Opcode Frequency Histogram

: 2011-04-16
: arxiv.org/abs/1104.3228v1
: Rad, B. B. and Masrom, M. (2010). Metamorphic Virus Variants Classification Using Opcode Frequency Histogram. Proceedings of t
: Computer Science
: Cryptography and Security

: Latest Trends on Computers (Volume I), 14th WSEAS International Conference on COMPUTERS
: Scientific paper
: In order to prevent detection and evade signature-based scanning methods, which are normally exploited by antivirus software, metamorphic viruses use several various obfuscation approaches. They transform their code in new instances as look entirely or partly different and contain dissimilar sequences of string, but their behavior and function remain unchanged. This obfuscation process allows them to stay away from the string based signature detection. In this research, we use a statistical technique to compare the similarity between two files infected by two morphed versions of a given metamorphic virus. Our proposed solution based on static analysis and it uses the histogram of machine instructions frequency in various offspring of obfuscated viruses. We use Euclidean histogram distance metric to compare a pair of portable executable (PE) files. The aim of this study is to show that for some particular obfuscation methods, the presented solution can be exploited to detect morphed varieties of a file. Hence, it can be utilized by non-string based signature scanning to identify whether a file is a version of a metamorphic virus or not.

Affiliated with

Masrom Maslin

Computer Science – Cryptography and Security

Scientist

[ 0.00 ] – not rated yet Voters 0 Comments 0

Rad Babak Bashari

Computer Science – Cryptography and Security

Scientist

[ 4.50 ] – excellent Voters 1 Comments 1

Also associated with

No associations

LandOfFree

Say what you really think

Search LandOfFree.com for scientists and scientific papers. Rate them and share your experience with other people.

Rating

Metamorphic Virus Variants Classification Using Opcode Frequency Histogram has received 1 rating(s) and 1 review(s), resulting in an average rating of 4.70 on a scale from 1 to 5. The overall rating for this scientific paper is excellent.
If you have personal experience with Metamorphic Virus Variants Classification Using Opcode Frequency Histogram, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Metamorphic Virus Variants Classification Using Opcode Frequency Histogram will most certainly appreciate the feedback.

Rate now

Comments { 1 }

Paul Meier

Was this review helpful to you? Rating [ 4.70 ]

Scientific merit

Who am I to question these authorities?

Accuracy

Data quality and Analysis

Originality

Writing, structure and presentation

Rate the overall quality of the paper

0 0 Inappropriate comment

Profile ID: LFWR-SCP-O-347406

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure