Issue No.02 - March/April (2010 vol.8)
Marco Ramilli , University of Bologna
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.64
The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.
Computer security, Computer viruses, Code mutation, Signature detection evasion
Marco Ramilli, "Always the Same, Never the Same", IEEE Security & Privacy, vol.8, no. 2, pp. 73-75, March/April 2010, doi:10.1109/MSP.2010.64