Publication Date
2010
Degree Type
Master's Project
Degree Name
Master of Science (MS)
Department
Computer Science
Abstract
Signature-based detection relies on patterns present in viruses and provides a relatively simple and efficient method for detecting known viruses. At present, most anti-virus systems rely primarily on signature detection. Metamorphic viruses are one of the most difficult types of viruses to detect. Such viruses change their internal structure, which provides an effective means of evading signature detection. Previous work has provided a rigorous proof that a fairly simple metamorphic engine can generate viruses that will evade any signature-based detection. In this project, we first implement a metamorphic engine that is provably undetectable—in the sense of signature-based detection. We then show that, as expected, the resulting viruses are not detected by popular commercial anti-virus scanners. Finally, we analyze the same set of viruses using a previously developed approach based on hidden Markov models (HMM). This HMM- based technique easily detects the viruses.
Recommended Citation
Venkatachalam, Sujandharan, "DETECTING UNDETECTABLE COMPUTER VIRUSES" (2010). Master's Projects. 156.
DOI: https://doi.org/10.31979/etd.j6tm-a5pd
https://scholarworks.sjsu.edu/etd_projects/156