2023
DOI: 10.1155/2023/8227751

Metamorphic Malware and Obfuscation: A Survey of Techniques, Variants, and Generation Kits

Kenneth Brezinski,
Ken Ferens

Abstract: The competing landscape between malware authors and security analysts is an ever-changing battlefield over who can innovate over the other. While security analysts are constantly updating their signatures of known malware, malware variants are changing their signature each time they infect a new host, leading to an endless game of cat and mouse. This survey looks at providing a thorough review of obfuscation and metamorphic techniques commonly used by malware authors. The main topics covered in this work are (…

Cited by 7 publications (3 citation statements)
References 207 publications (308 reference statements)
“…• Metamorphism: the binary sequence is altered by making a new malware version for each new infection through a mutation engine. The mutation engine uses code transforming and obfuscation to change the malicious code [22], [23], [30]. Several classes of software vulnerabilities can be explored to perform security attacks.…”
Section: Malware Fundamentals (mentioning)
confidence: 99%
“…Static analysis has been studied well, and its effectiveness reaches 99.4% [1]. However, this type of analysis is ineffective against complex varieties of malware [2] that use methods of encryption [3], concealment [4], packing [5], and polymorphic, oligomorphic and metamorphic transformations [6]. Detection by means of dynamic analysis has not received as much attention [7], although this path looks more effective and more promising [8].…”
Section: Introduction (unclassified)
“…This type of malware, adept at camouflaging itself within regular computing operations, poses a significant threat to digital systems. Our research is centered on developing advanced methodologies to effectively identify and analyze these covert threats, specifically within memory dumps, where they are known to skillfully mask their activities (Asghar et al 2023; Bozkir et al 2021; Brezinski and Ferens 2023).…”
Section: Introduction (mentioning)
confidence: 99%