The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Metamorphic virus detection is one of the most challenging tasks of antivirus software and the most difficult ones are among known viruses. In this article we have used Bayesian network to recognize these kinds of viruses. The body of these virusesis made of assembly codes. At first opcodes are extracted as 1-gram from virus body, these opcodes are known as the characteristics of Bayesian network...
Since finding and extracting a fixed signature for metamorphic viruses is hard due to the fact that, their shape changes frequently. Virus writers by using obfuscation methods make their viruses undetectable, in order to disable anti viruses to detect them easily, which ends in metamorphic viruses. We used hidden Markov model to propose the Detection Sphere method. We used three elements of a string...
Virus writers make their viruses undetectable by using obfuscation methods, which ends in metamorphic viruses. We propose a method named detection circle which is based on the hidden Markov Model theory. We have used three elements to characterize a family of viruses: string occurrence probability, specifically-located character occurrence probability, and the amount of virus similarities. For the...
Recent work has presented hidden Markov models (HMMs) as a compelling option for virus identification. However, to date little research has been done to identify the meaning of these hidden states. In this paper, we examine HMMs for four different compilers, hand-written assembly code, three virus construction kits, and a metamorphic virus in order to note similarities and differences in the hidden...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.