Using engine signature to detect metamorphic malware

  title={Using engine signature to detect metamorphic malware},
  author={Mohamed R. Chouchane and Arun Lakhotia},
This paper introduces the "engine signature" approach to assist in detecting metamorphic malware by tracking it to its engine. More specifically, it presents and evaluates a code scoring technique for collecting forensic evidence from x86 code segments in order to get some measure of how likely they are to have been generated by some known instruction-substituting metamorphic engine. A prototype simulator that mimics real instruction-substituting metamorphic engines was implemented and used to… CONTINUE READING
Highly Cited
This paper has 55 citations. REVIEW CITATIONS

7 Figures & Tables



Citations per Year

55 Citations

Semantic Scholar estimates that this publication has 55 citations based on the available data.

See our FAQ for additional information.