Philippe Beaucamps
International Conference on Computer, Electrical, and Systems Science, and Engineering - CESSE'07
November 2008
Download PDF (310.73Kb) (You need to be registered on forum)Nowadays viruses use polymorphic techniques to mutate their code on each replication, thus evading detection by antiviruses. However detection by emulation can defeat simple polymorphism: thus metamorphic techniques are used which thoroughly change the viral code, even after decryption. We briefly detail this evolution of virus protection techniques against detection and then study the METAPHOR virus, today’s most advanced metamorphic virus.