Polymorphism in Computer Viruses CS265 Security Engineering Term Project Puneet Mishra.

Slides:



Advertisements
Similar presentations
Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,
Advertisements

Smita Thaker 1 Polymorphic & Metamorphic Viruses Presented By : Smita Thaker Dated : Nov 18, 2003.
Dr. Richard Ford  Szor 7  Another way viruses try to evade scanners.
1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.
Effective and Efficient Malware Detection at the End Host Clemens Kolbitsch, Paolo Milani TU Vienna Christopher UCSB Engin Kirda.
Software-based Code Attestation for Wireless Sensors.
Polymorphic Viruses A brief survey Joseph Hamm Shirlan Johnson.
________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Malicious Software programs exploiting system vulnerabilities known as malicious software or malware program fragments that need a host program e.g. viruses,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Virus Encyption CS 450 Joshua Bostic. topics Encryption as a deterent to virus scans. History of polymorphic viruses. Use of encryption by viruses.
HUNTING FOR METAMORPHIC ENGINES Mark Stamp & Wing Wong August 5, 2006.
Reverse Engineering Ian Kayne For School of Computer Science, University of Birmingham 2 nd February 2009.
Computer Viruses. History Malicious software – 1970’s Programs distributed over exchange servers speeds spread of viruses Brain sparks term: Virus.
Metamorphic Viruses Pat Walpole. Introduction What are metamorphic viruses Why they are dangerous Defenses against them.
Software Uniqueness: How and Why? Puneet Mishra Dr. Mark Stamp Department of Computer Science San José State University, San José, California.
Beyond Anti-Virus by Dan Keller Fred Cohen- Computer Scientist “there is no algorithm that can perfectly detect all possible computer viruses”
Automated malware classification based on network behavior
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Video Following is a video of what can happen if you don’t update your security settings! security.
CISC Machine Learning for Solving Systems Problems Presented by: Akanksha Kaul Dept of Computer & Information Sciences University of Delaware SBMDS:
CAP6135: Malware and Software Vulnerability Analysis Viruses Cliff Zou Spring 2011.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
By: Sharad Sharma, Somya Verma, and Taranjit Pabla.
CIS3360: Security in Computing Chapter 4.2 : Viruses Cliff Zou Spring 2012.
BY ANDREA ALMEIDA T.E COMP DON BOSCO COLLEGE OF ENGINEERING.
Software Obfuscation from Crackers’ viewpoint Y, Hiroki; K, Yuichiro; M Akito, N Masahide; M Ken-ichi Proceedings of the IASTED International Conference.
Virus and Antivirus Team members: - Muzaffar Malik - Kiran Karki.
Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.
VIRUSES - Janhavi Naik. Overview Structure Classification Categories.
HUNTING FOR METAMORPHIC HUNTING FOR METAMORPHIC Péter Ször and Peter Ferrie Symantec Corporation VIRUS BULLETIN CONFERENCE ©2001 Presented by Stephen Karg.
Structure Classifications &
Windows PE files Infections and Heuristic Detection Nicolas BRULEZ / Digital River PACSEC '04.
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
CSCE 522 Lecture 12 Program Security Malicious Code.
Ether: Malware Analysis via Hardware Virtualization Extensions Author: Artem Dinaburg, Paul Royal, Monirul Sharif, Wenke Lee Presenter: Yi Yang Presenter:
Virus Detection Mechanisms Final Year Project by Chaitanya kumar CH K.S. Karthik.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
Types of Electronic Infection
ANTIVIRUS SOFTWARE.  Antivirus software is the most widespread mechanism for defending individual hosts against threats associated with malicious software,
30.1 Lecture 30 Security II Based on Silberschatz & Galvin’s slides And Stallings’ slides.
Telecommunications Networking II Lecture 41f Viruses and Worms.
COMPUTER VIRUS.
Dealing with Malware By: Brandon Payne Image source: TechTips.com.
CISC Machine Learning for Solving Systems Problems Presented by: Sandeep Dept of Computer & Information Sciences University of Delaware Detection.
Panda Anti-Rootkit & password storage tools
Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.
November 19, 2008 CSC 682 Use of Virtualization to Thwart Malware Written by: Ryan Lehan Presented by: Ryan Lehan Directed By: Ryan Lehan Produced By:
CISC Machine Learning for Solving Systems Problems Presented by: Satyajeet Dept of Computer & Information Sciences University of Delaware Automatic.
CONTENTS What is Virus ? Types of computer viruses.
n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.
METAMORPHIC VIRUS NGUYEN LE VAN.
Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.
Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.
Advanced Anti-Virus Techniques
MALICIOUS SOFTWARE Rishu sihotra TE Computer
Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.
CRYPTOVIROLOGY by Ramu Muthuraman Cpsc 620. Overview  Introduction  Justification of Cryptovirology?  Key Terms  Cryptoviral Extortion Attack  Gpcode.ag.
Protecting Computers From Viruses and Similarly Programmed Threats Ryan Gray COSC 316.
Cosc 4765 Antivirus Approaches. In a Perfect world The best solution to viruses and worms to prevent infected the system –Generally considered impossible.
Security Issues in Information Technology
Techniques, Tools, and Research Issues
Semantics-Aware Malware Detection
Chap 10 Malicious Software.
Executive Director and Endowed Chair
Executive Director and Endowed Chair
Chap 10 Malicious Software.
Malicious Software Slide Set #5 Textbook Chapter 6 Clicker Questions
Presentation transcript:

Polymorphism in Computer Viruses CS265 Security Engineering Term Project Puneet Mishra

Definitions A computer virus is a program with malicious intent to cause abnormal disruption of the operation of a computer Polymorphism : The occurrence of different forms, stages, or types in individual organisms or in organisms of the same species, independent of sexual variations

Polymorphism : Scenario Biological Counter environmental threats Computer Science Absent Good Software Engineering Practice Design Flaws Propagated

Polymorphic Virus Avoid Detection by pattern matching scanners Incorporate Randomness and Complexity via Code Obfuscation Produces multiple functionally equivalent copies of itself

History First known example Chameleon, 1991 First widespread effect Tequila, 1991 Code transformation Polymorphic Generators Bulletin Boards Examples –MtE by Dark Avenger

Polymorphism Techniques and Virus Detection Hide and Seek Game Polymorphic Generators OBJ files linked to virus

Classification of Polymorphic Virus Classificationby Dr. Solomon Level 1: Set of Encryp/Decryp Level 2: One or several constant instructions Level 3: Unused functions / Instructions eg. NOP etc.

Classification of Polymorphic Virus Level 4: Interchangeable instructions Instructions mixing Level 5: 1 through 4 and changeable decryption algorithm, repeated encryption of virus code and partial encryption of the decryptor code Level 6: Main code changeable

Anti-Virus Software Emulation Sand-Boxing via Virtual Computer Environment

Conclusion Strong Threat Next level : Metamorphic Viruses

Thank You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.