Investigation of Malware Defence and Detection Techniques
Malware is considered a major threat vector that can potentially cause huge damage to both network infrastructure and network applications. In this paper, different techniques such as repacking, reverse engineering and hex editing for bypassing host-based Anti-Virus (AV) signatures are illustrated, and the different channels and methods by which malware might reach the host from outside the network are described and compared. After that, bypassing HTTP/SSL and SMTP malware defences as channels is discussed. Finally, a new malware detection technique based on honeynet systems is discussed and its strengths and weaknesses are highlighted.