Results 1 - 3 of 3
- In Virus Bulletin Conference , 2001
"... As virus writers developed numerous polymorphic engines, virus scanners became stronger in their defense against them. A virus scanner which used a code emulator to detect viruses looked like it was on steroids compared to those without an emulator-based scanning engine. Nowadays, most polymorphic v ..."
Abstract - Cited by 94 (0 self) - Add to MetaCart
As virus writers developed numerous polymorphic engines, virus scanners became stronger in their defense against them. A virus scanner which used a code emulator to detect viruses looked like it was on steroids compared to those without an emulator-based scanning engine. Nowadays, most polymorphic viruses are considered boring. Even though they can be extremely hard to detect, most of today’s products are able to deal with them relatively easily. These are the scanners that survived the DOS polymorphic days. For some of the scanners DOS polymorphic viruses meant the ‘end of days’. Other scanners died with the macro virus problem. For most products the next challenge to take is 32-bit metamorphosis. Metamorphic viruses are nothing new. We have seen them in DOS days, though some of them, like ACG, already used 32-bit instructions. The next step is 32-bit metamorphosis under Windows environments. Virus writers already took the first step in that direction. In this paper the authors will examine metamorphic engines to provide a better general understanding of the problem that we are facing. The authors also provide detection examples of some of the metamorphic viruses. VIRUS BULLETIN CONFERENCE ©2001 Virus Bulletin Ltd, The Pentagon, Abingdon, Oxfordshire, OX14 3YP, England. Tel +44 1235 555139. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form, without the prior written permission of the publishers. 124 • SZÖR & FERRIE, HUNTING FOR METAMORPHIC 1
Evolution of Code Metamorphic Virus Detection Examples Possible Future Virus DevelopmentsSymantec HUNTING FOR METAMORPHIC Contents
INSIDE ∆ Evolution of Code ∆ Metamorphic Virus Detection Examples ∆ Possible Future Virus Developments