abstract

Malware Obfuscation through Evolutionary Packers

Authors:

Alberto TondaAuthors Info & Claims

GECCO Companion '15: Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation

Pages 757 - 758

https://doi.org/10.1145/2739482.2764940

Published: 11 July 2015 Publication History

Get Access

Abstract

A malicious botnet is a collection of compromised hosts coordinated by an external entity. The malicious software, or malware, that infect the systems are its basic units and they are responsible for its global behavior. Anti Virus software and Intrusion Detection Systems detect botnets by analyzing network and files, looking for signature and known behavioral patterns. Thus, the malware hiding capability is a crucial aspect. This paper describes a new obfuscation mechanism based on evolutionary algorithms: an evolutionary core is embedded in the malware to generate a different, optimized hiding strategy for every single infection. Such always-changing, hard-to-detect malware can be used by security industries to stress the analysis methodologies and to test the ability to react to malware mutations. This research is the first step in a more ambitious research project, where a whole botnet, composed of different malware and Anti Virus software, is analyzed as a prey-predator ecosystem.

References

[1]

Goppit. Portable executable file format - a reverse engineer view. CodeBreakers Magazine, Jan 2006.

Google Scholar

[2]

F. Guo, P. Ferrie, and T. Chiueh. A study of the packer problem and its solutions. pages 98--115, 2008.

Digital Library

Google Scholar

[3]

S. Michael and H. Andrew. Practical Malware Analysis - The HandsOn Guide to Dissecting Malicious Software. No Starch Press, 2012.

Google Scholar

[4]

K. A. Roundy and B. P. Miller. Binary-code obfuscations in prevalent packer tools. ACM Computing Surveys (CSUR), 46(1):4, 2013.

Digital Library

Google Scholar

[5]

P. Ször and P. Ferrie. Hunting for metamorphic. In Virus Bulletin Conference, 2001.

Google Scholar

[6]

M. V. Yason. The art of unpacking. BlackHat, Feb 2007.

Google Scholar

Cited By

View all

Fritsch LJaber AYazidi A(2023)An Overview of Artificial Intelligence Used in MalwareNordic Artificial Intelligence Research and Development10.1007/978-3-031-17030-0_4(41-51)Online publication date: 2-Feb-2023
https://doi.org/10.1007/978-3-031-17030-0_4
Maniriho PMahmood AChowdhury M(2022)A study on malicious software behaviour analysis and detection techniquesFuture Generation Computer Systems10.1016/j.future.2021.11.030130:C(1-18)Online publication date: 1-May-2022
https://dl.acm.org/doi/10.1016/j.future.2021.11.030
Zhong FHu PZhang GLi HCheng X(2022)Reinforcement learning based adversarial malware example generation against black-box detectorsComputers and Security10.1016/j.cose.2022.102869121:COnline publication date: 1-Oct-2022
https://dl.acm.org/doi/10.1016/j.cose.2022.102869
Show More Cited By

Index Terms

Malware Obfuscation through Evolutionary Packers

Recommendations

Effectiveness of Android Obfuscation on Evading Anti-malware
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Obfuscation techniques have been conventionally used for legitimate applications, including preventing application reverse engineering, tampering and protecting intellectual property. A malware author could also leverage these benign techniques to hide ...
Obfuscation: The Hidden Malware

A cyberwar exists between malware writers and antimalware researchers. At this war's heart rages a weapons race that originated in the 80s with the first computer virus. Obfuscation is one of the latest strategies to camouflage the telltale signs of ...
The Next Malware Battleground: Recovery After Unknown Infection

Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...

Comments

Information & Contributors

Information

Published In

GECCO Companion '15: Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation

July 2015

1568 pages

ISBN:9781450334884

DOI:10.1145/2739482

Editor:
Sara Silva
Universidade de Lisboa, Portugal
,
General Chair:
Anna I. Esparcia-Alcázar
Universitat Politècnica de València, Spain

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 July 2015

Check for updates

Author Tags

Qualifiers

Abstract

Conference

GECCO '15

Sponsor:

SIGEVO

GECCO '15: Genetic and Evolutionary Computation Conference

July 11 - 15, 2015

Madrid, Spain

Acceptance Rates

Overall Acceptance Rate 1,669 of 4,410 submissions, 38%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
365
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)1

Reflects downloads up to 23 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fritsch LJaber AYazidi A(2023)An Overview of Artificial Intelligence Used in MalwareNordic Artificial Intelligence Research and Development10.1007/978-3-031-17030-0_4(41-51)Online publication date: 2-Feb-2023
https://doi.org/10.1007/978-3-031-17030-0_4
Maniriho PMahmood AChowdhury M(2022)A study on malicious software behaviour analysis and detection techniquesFuture Generation Computer Systems10.1016/j.future.2021.11.030130:C(1-18)Online publication date: 1-May-2022
https://dl.acm.org/doi/10.1016/j.future.2021.11.030
Zhong FHu PZhang GLi HCheng X(2022)Reinforcement learning based adversarial malware example generation against black-box detectorsComputers and Security10.1016/j.cose.2022.102869121:COnline publication date: 1-Oct-2022
https://dl.acm.org/doi/10.1016/j.cose.2022.102869
Tian ZHuang YXie BChen YChen LWu D(2021)Fine-Grained Compiler Identification With Sequence-Oriented Neural ModelingIEEE Access10.1109/ACCESS.2021.30692279(49160-49175)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3069227
Hwang CHwang JKwak JLee T(2020)Platform-Independent Malware Analysis Applicable to Windows and Linux EnvironmentsElectronics10.3390/electronics90507939:5(793)Online publication date: 12-May-2020
https://doi.org/10.3390/electronics9050793
Zincir-Heywood NKayacik G(2017)Evolutionary computation in network management and securityProceedings of the Genetic and Evolutionary Computation Conference Companion10.1145/3067695.3067726(1094-1112)Online publication date: 15-Jul-2017
https://dl.acm.org/doi/10.1145/3067695.3067726
Gaudesi MMarcelli ASanchez ESquillero GTonda A(2016)Challenging Anti-virus Through Evolutionary Malware ObfuscationApplications of Evolutionary Computation10.1007/978-3-319-31153-1_11(149-162)Online publication date: 2-Apr-2016
https://doi.org/10.1007/978-3-319-31153-1_11

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Effectiveness of Android Obfuscation on Evading Anti-malware

Obfuscation: The Hidden Malware

The Next Malware Battleground: Recovery After Unknown Infection