Singular value decomposition and metamorphic detectionJournal of Computer Virology and Hacking Techniques (2015)
Metamorphic malware changes its internal structure with each infection, while maintaining its original functionality. Such malware can be difficult to detect, particularly using static analysis, since there may be no common signature across infections. In this paper, we apply a score based on Singular Value Decomposition (SVD) to the challenging problem of metamorphic detection. SVD, which can be viewed as a specific implementation of Principal Component Analysis, is a linear algebraic technique that is applicable to the wide range of problems where eigenvector analysis is useful. Previous research has shown that an eigenvector-based score derived from the facial recognition problem yields good results when applied to metamorphic malware detection. In this paper, we reconsider these previous results in the context of SVD, and we outline a strategy to defeat such a detection scheme.
- Hacking Techniques,
Publication DateNovember, 2015
Citation InformationRanjith Kumar Jidigam, Thomas H. Austin and Mark Stamp. "Singular value decomposition and metamorphic detection" Journal of Computer Virology and Hacking Techniques Vol. 11 Iss. 4 (2015) p. 203 - 2016 ISSN: 2274-2042
Available at: http://works.bepress.com/mark_stamp/5/