Issue No. 02 - March/April (2010 vol. 8)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.64
Marco Prandini , University of Bologna
Marco Ramilli , University of Bologna
The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.
Computer security, Computer viruses, Code mutation, Signature detection evasion
Marco Prandini, Marco Ramilli, "Always the Same, Never the Same", IEEE Security & Privacy, vol. 8, no. , pp. 73-75, March/April 2010, doi:10.1109/MSP.2010.64