Metamorphic Malware Detection Using Statistical Analysis
Typically, computer viruses and other malware are detected by searching for a string of bits found in the virus or malware. Such a string can be viewed as a "Fingerprint" of the virus identified as the signature of the virus. The technique of detecting viruses using signatures is known as signature based detection. Today, virus writers often camouflage their viruses by using code obfuscation techniques in an effort to defeat signature-based detection schemes. So-called metamorphic viruses transform their code as they propagate, thus evading detection by static signature-based virus scanners, while keeping their functionality but differing in internal structure.