ABSTRACT
Recent research shows that the Hidden Markov Model (HMM) is widely used in metamorphic virus detection. Viruses generated by kits such as NGVCK are detected effectively by the HMM approach. Our purpose is to examine various flavours of the HMM approach to virus detection.
KEYWORDS: Hidden Markov Model, Metamorphism, Observation Sequence.
INTRODUCTION
The Internet has become a target of malicious code because of its increasing use. Malicious code is executable code with the capability to replicate, which makes its survival strong. The design and evolution of viruses are tied to the area of programming. Like other computer programs, viruses carry functions that are intelligent enough to provide protection in such a manner that detection is not easy for a virus scanner. Viruses have to adopt various intelligent procedures for continued existence, which is why they may have complex encrypting and decrypting engines. These are the methods most frequently used by computer viruses in the current scenario. They use these techniques to mask themselves from antivirus software and to adapt to a certain environment in order to spread.
Polymorphic viruses try to hide the decrypting module. More complex methods were later developed that enable virus designers to change the code of one virus file and make multiple morphed copies while maintaining its functionality. These are viruses that have the ability to mutate their own code without changing their functionality. A metamorphic virus can become a serious threat, considering that there can be thousands of variants of one virus file, each with a totally different signature. Metamorphic viruses transform their code in a specific manner very frequently and need to be prevented.
Analysing them will lead to a framework in which the overall detection process is bounded by specific outcomes of continually evolving results. It is essential to make a distinction between replicating programs and their similar forms. Reproducing programs will not necessarily damage your system. There is a big fight between the designers of viruses and the designers of antivirus software. With enhanced knowledge of certain patterns, specifications can be designed. Various malicious codes can be evolved and extended in a precise and efficient manner. For perfect identification of a metamorphic virus, identification routines must be written that can generate the essential instruction set of the virus code from the actual occurrence of the infection.