Towards an Undetectable Computer Virus

Author

Priti Desai, San Jose State University

Publication Date

2008

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

Abstract

Metamorphic viruses modify their own code to produce viral copies which are syntactically different from their parents. The viral copies have the same functionality as the parent but may have different signatures. This makes signature-based virus scanners unreliable for detecting metamorphic viruses. But statistical pattern analysis tool such as Hidden Markov Models (HMMs) can detect metamorphic viruses. Virus writers use many different code obfuscation techniques to generate metamorphic viruses. In this project we develop a metamorphic engine using code obfuscation techniques. Our metamorphic engine is designed to produce highly diverse morphed copies of the base virus. We show that commercial virus scanners cannot detect metamorphic viruses produced by our engine. We then proceed to determine whether HMMs can detect metamorphic viruses generated by our engine.

Recommended Citation

Desai, Priti, "Towards an Undetectable Computer Virus" (2008). Master's Projects. 90.
DOI: https://doi.org/10.31979/etd.z942-squp
https://scholarworks.sjsu.edu/etd_projects/90