The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.

M. Ramilli, M. Prandini (2010). Always the Same, Never the Same. IEEE SECURITY & PRIVACY, 8, 73-75 [10.1109/MSP.2010.64].

Always the Same, Never the Same

RAMILLI, MARCO;PRANDINI, MARCO
2010

Abstract

The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware logic. This article introduces the reader to the signature manipulation concept by means of a practical example.
2010
M. Ramilli, M. Prandini (2010). Always the Same, Never the Same. IEEE SECURITY & PRIVACY, 8, 73-75 [10.1109/MSP.2010.64].
M. Ramilli; M. Prandini
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/89975
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? 4
social impact