Research Article

Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey

by Ashu Sharma, S. K. Sahay
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 90 - Number 2
Year of Publication: 2014
DOI: 10.5120/15544-4098

Ashu Sharma, S. K. Sahay. Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey. International Journal of Computer Applications. 90, 2 (March 2014), 7-11. DOI=10.5120/15544-4098

@article{ 10.5120/15544-4098,
author = { Ashu Sharma, S. K. Sahay },
title = { Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey },
journal = { International Journal of Computer Applications },
issue_date = { March 2014 },
volume = { 90 },
number = { 2 },
month = { March },
year = { 2014 },
issn = { 0975-8887 },
pages = { 7-11 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume90/number2/15544-4098/ },
doi = { 10.5120/15544-4098 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Malware is a big threat to the digital world and is evolving with high complexity. It can penetrate networks, steal confidential information from computers, bring down servers and cripple infrastructure. To combat threats and attacks from malware, anti-malware tools have been developed. Existing anti-malware is mostly based on the assumption that the malware structure does not change appreciably. But recent advances in second-generation malware allow it to create variants, which poses a challenge to anti-malware developers. To combat the threats and attacks from second-generation malware with a low false-alarm rate, we present our survey of malware and its detection techniques.

Index Terms

Computer Science
Information Sciences

Keywords

Malwares, Antimalware, Polymorphic, Metamorphic