DOI: 10.1145/2739482.2764940

Malware Obfuscation through Evolutionary Packers

Published: 11 July 2015

Abstract

A malicious botnet is a collection of compromised hosts coordinated by an external entity. The malicious software, or malware, that infects the systems forms its basic units and is responsible for its global behavior. Anti Virus software and Intrusion Detection Systems detect botnets by analyzing the network and files, looking for signatures and known behavioral patterns. Thus, the malware's hiding capability is a crucial aspect. This paper describes a new obfuscation mechanism based on evolutionary algorithms: an evolutionary core is embedded in the malware to generate a different, optimized hiding strategy for every single infection. Such always-changing, hard-to-detect malware can be used by security industries to stress the analysis methodologies and to test the ability to react to malware mutations. This research is the first step in a more ambitious research project, where a whole botnet, composed of different malware and Anti Virus software, is analyzed as a prey-predator ecosystem.

Published In

GECCO Companion '15: Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation
July 2015
1568 pages
ISBN: 9781450334884
DOI: 10.1145/2739482
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. adaptivity
  2. computational intelligence
  3. evolutionary packer
  4. malware
  5. multi-armed bandit
  6. operator selection
  7. self-adapting

Qualifiers

  • Abstract

Conference

GECCO '15
Acceptance Rates

Overall Acceptance Rate 1,669 of 4,410 submissions, 38%
