Skip to main content
Article
Singular value decomposition and metamorphic detection
Journal of Computer Virology and Hacking Techniques (2015)
  • Ranjith Kumar Jidigam, San Jose State University
  • Thomas H. Austin, San Jose State University
  • Mark Stamp, San Jose State University
Abstract
Metamorphic malware changes its internal structure with each infection, while maintaining its original functionality. Such malware can be difficult to detect, particularly using static analysis, since there may be no common signature across infections. In this paper, we apply a score based on Singular Value Decomposition (SVD) to the challenging problem of metamorphic detection. SVD, which can be viewed as a specific implementation of Principal Component Analysis, is a linear algebraic technique that is applicable to the wide range of problems where eigenvector analysis is useful. Previous research has shown that an eigenvector-based score derived from the facial recognition problem yields good results when applied to metamorphic malware detection. In this paper, we reconsider these previous results in the context of SVD, and we outline a strategy to defeat such a detection scheme.
Keywords
  • Computer,
  • Electronics,
  • Telecommunications,
  • Hacking Techniques,
  • Virology
Disciplines
Publication Date
November, 2015
DOI
10.1007/s11416-014-0220-0
Publisher Statement
SJSU users: use the following link to login and access the article via SJSU databases
Citation Information
Ranjith Kumar Jidigam, Thomas H. Austin and Mark Stamp. "Singular value decomposition and metamorphic detection" Journal of Computer Virology and Hacking Techniques Vol. 11 Iss. 4 (2015) p. 203 - 2016 ISSN: 2274-2042
Available at: http://works.bepress.com/mark_stamp/5/