Advanced Metamorphic Techniques in Computer Viruses

Executive Summary

When the first antivirus protections appeared in the late 1980s in response to the nascent viral threat, they consisted of a mere binary scan of programs for known virus signatures. Virus writers responded by adapting their code so that it would mutate its binary form on each replication: as early as 1988, a first virus protected itself using encryption, followed in 1990 by the first polymorphic viruses, which were able to mutate their code as well as their decryption method. Their ability to evade detection by the antivirus software of the time gave them immediate "popularity". Nevertheless, antivirus software quickly adapted to this protection by letting viruses decrypt themselves and only then scanning the decrypted code for any known signature.

