Abstract
The paper presents a new technique for unknown metamorphic viruses' detection. It is based on the analysis of the potentially suspicious behavior of the programs on the host. The novelty of the contribution is that, the analysis is performed via the comparison of the functional blocks of the disassembled code before and after program's emulation, which is executed within the modified emulators installed on each host of the network. The conclusion about the similarity of the suspicious program to the metamorphic virus program is performed by the means of the fuzzy inference system. In order to provoke possible presence of the metamorphic virus other hosts of the network are involved in the detection process. Thus, experimentally it was shown that level of metamorphic viruses' demonstration increases with the number of hosts.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
