Title :
MOMENTUM: MetamOrphic malware exploration techniques using MSA signatures
Author :
Vinod, P. ; Laxmi, V. ; Gaur, M.S. ; Chauhan, Grijesh
Author_Institution :
Dept. of Comput. En, Malaviya Nat. Inst. of Technol., Jaipur, India
Abstract :
Modern malware that are metamorphic or polymorphic in nature mutate their code by employing code obfuscation and encryption methods to thwart detection. Thus, conventional signature based scanners fail to detect these malware. In order to address the problems of detecting known variants of metamorphic malware, we propose a method using bioinformatics techniques effectively used for Protein and DNA matching. Instead of using exact signature matching methods, more sophisticated signature(s) are extracted using multiple sequence alignment (MSA). The results show that the proposed method is capable of identifying malware variants with minimum false alarms and misses. Also, the detection rate achieved with our proposed method is better compared to commercial antivirus products used in the study.
Keywords :
DNA; biocomputing; bioinformatics; cryptography; digital signatures; invasive software; proteins; DNA matching; MOMENTUM; MSA signatures; antivirus products; bioinformatics techniques; code obfuscation; encryption methods; metamorphic malware exploration techniques; multiple sequence alignment; protein matching; signature based scanners; signature matching methods; Bioinformatics; DNA; Engines; Malware; Phylogeny; Probabilistic logic; Training; bioinformatics; metamorphic malware; multiple sequence alignment; sequence alignment;
Conference_Titel :
Innovations in Information Technology (IIT), 2012 International Conference on
Conference_Location :
Abu Dhabi
Print_ISBN :
978-1-4673-1100-7
DOI :
10.1109/INNOVATIONS.2012.6207739
