Skip to main content
profile image
Selected Works of George Markowsky
Article
The Technique for Metamorphic Viruses' Detection based on its Obfuscation Features Analysis
Proceedings of the 14th International Conference on ICT in Education, Research and Industrial Applications. Integration, Harmonization and Knowledge Transfer. Volume II: Workshops (2018, Kyiv, Ukraine)
  • George Markowsky, Missouri University of Science and Technology
  • Oleg Savenko
  • Sergii Lysenko
  • Andrii Nicheporuk
Abstract

The paper presents an approach for the metamorphic viruses detection based on its obfuscation features analysis. The obfuscation features were obtained on the basis of the equivalent functional block search in the suspicious program and its modified version. The results of the research demonstrated that the efficiency of metamorphic viruses detection based on the proposed obfuscation quantitative features depends on the choice of the similarity metric at the stages of the search and the choice refinement of the equivalent functional blocks. The adequate choice of similarity metrics at both stages allowed increasing the detection efficiency of the metamorphic viruses.

Meeting Name
14th International Conference on ICT in Education, Research and Industrial Applications. Integration, Harmonization and Knowledge Transfer. Volume II: Workshops, ICTERI 2018 (2018: May 14-17, Kyiv, Ukraine)
Department(s)
Computer Science
Keywords and Phrases
  • Efficiency,
  • Industrial research,
  • Knowledge management,
  • Viruses,
  • Detection efficiency,
  • Distance metrics,
  • Functional block,
  • Obfuscation,
  • Opcode,
  • Quantitative features,
  • Similarity metrics,
  • Feature extraction,
  • Equivalent functional block,
  • Metamorphic virus
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2018 The Authors, All rights reserved.
Publication Date
5-1-2018
Publication Date
01 May 2018
Disciplines
Citation Information
George Markowsky, Oleg Savenko, Sergii Lysenko and Andrii Nicheporuk. "The Technique for Metamorphic Viruses' Detection based on its Obfuscation Features Analysis" Proceedings of the 14th International Conference on ICT in Education, Research and Industrial Applications. Integration, Harmonization and Knowledge Transfer. Volume II: Workshops (2018, Kyiv, Ukraine) Vol. 2104 (2018) p. 680 - 687 ISSN: 1613-0073
Available at: http://works.bepress.com/george-markowsky/80/