The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.
M. Ramilli, M. Prandini (2010). Always the Same, Never the Same. IEEE SECURITY & PRIVACY, 8, 73-75 [10.1109/MSP.2010.64].
Always the Same, Never the Same
RAMILLI, MARCO;PRANDINI, MARCO
2010
Abstract
The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.File in questo prodotto:
Eventuali allegati, non sono esposti
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.