Using engine signature to detect metamorphic malware

@inproceedings{Chouchane2006UsingES,
  title={Using engine signature to detect metamorphic malware},
  author={Mohamed R. Chouchane and Arun Lakhotia},
  booktitle={WORM},
  year={2006}
}
This paper introduces the "engine signature" approach to assist in detecting metamorphic malware by tracking it to its engine. More specifically, it presents and evaluates a code scoring technique for collecting forensic evidence from x86 code segments in order to get some measure of how likely they are to have been generated by some known instruction-substituting metamorphic engine. A prototype simulator that mimics real instruction-substituting metamorphic engines was implemented and used to… CONTINUE READING
Highly Cited
This paper has 55 citations. REVIEW CITATIONS

7 Figures & Tables

Topics

Statistics

01020'07'08'09'10'11'12'13'14'15'16'17'18
Citations per Year

55 Citations

Semantic Scholar estimates that this publication has 55 citations based on the available data.

See our FAQ for additional information.