linkedin post 2019-06-11 03:42:51

POLYMORPHIC CODE. "In computer terminology, polymorphic code is code that uses a polymorphic engine to mutate while keeping the original algorithm intact. That is, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all. For example, 1+3 and 6-2 both achieve the same result while using different code. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence." https://lnkd.in/dZPjiRS

linkedin post 2019-06-11 03:45:52

MALWARE. "Malicious programmers have sought to protect their encrypted code from this virus-scanning strategy by rewriting the unencrypted decryption engine (and the resulting encrypted payload) each time the virus or worm is propagated. Anti-virus software uses sophisticated pattern analysis to find underlying patterns within the different mutations of the decryption engine, in hopes of reliably detecting such malware." https://lnkd.in/dZPjiRS

linkedin post 2019-06-11 03:47:17

RANDOM MUTATION ENGINE. "Polymorphic viruses are very complex and difficult viruses to detect because it can take many forms. Polymorphic virus uses the mutation engine that generates randomized decryption routines. These routines change each time the virus infects a new victim." https://lnkd.in/dkj4vxW

linkedin post 2019-06-11 03:48:52

HIJACKING THE HOST MACHINERY. "When an infected polymorphic virus program runs, the decryption routine gains the control of computer, after that decrypts the virus body and transfer the control of the computer to virus. And then appends both decrypted virus body and decryption routine on a new infected program." Sounds familiar. https://lnkd.in/dkj4vxW

linkedin post 2019-06-11 03:51:34

LIMITED NUMBER OF ENGINES. "Virus writers still must often waste weeks or months to create a new polymorphic virus that does not have chance to appear in the wild because of its bugs. On the other hand, a researcher might be able to deal with the detection of such a virus in a few minutes or few days. One of the reasons for this is that there are a surprisingly low number of efficient external polymorphic engines." https://lnkd.in/d_2z5qc

linkedin post 2019-06-12 05:07:19

METAMORPHIC CODE. "Most polymorphic viruses decrypt themselves to a single constant virus body in memory. Metamorphic viruses, however, do not. Therefore the detection of the virus code in memory needs to be algorithmic because the virus body does not become constant even there." https://lnkd.in/d_2z5qc

linkedin post 2019-06-12 05:09:38

MORPHING FUNCTIONAL CODE. "Metamorphic viruses is well-known with ability to translate, edit and rewrite its own code and it can do serious damage to the system. The main goal of these viruses is to change the appearance but still keeping their functionality." https://lnkd.in/dkj4vxW

linkedin post 2019-06-12 05:10:18

SELF-MODIFYING CODE EXISTS. "Q: Can we achieve self-modifying code in high level languages with viruses? Most languages do not allow existing code to be mutated. I am wondering if any viruses can help with that. A: Virus, worms, bad coding practices and even errors in coding surely can do that." https://lnkd.in/egFARnj

linkedin post 2019-06-12 05:11:34

STATISTICALLY UNDETECTABLE. "Metamorphic viruses transform their code as they propagate, thus evading detection by static signature-based virus scanners and have the potential to lead to a breed of malicious programs that are virtually undetectable statistically." https://lnkd.in/eXJNZSa