Malicious Software Or Malware?

3814 Words16 Pages

Malicious software or malware is software designed for malicious purposes.Some malware may delete, overwrite, or steal user data. In general, this type of software can cause damage to the user’s computer and may steal vital information.Since this is a broad definition, malware can be classified into categories such as viruses, worms, trojan horses, spyware, adware, or botnets. Since there is substantial overlap between these type of malware, we refer to them simply as “viruses”. We can further classify viruses based on the way they try to conceal themselves from being detected by antivirus programs . These categories are “encrypted,” “polymorphic,” and “metamorphic.”
2.1 Encrypted Viruses
“Encrypted viruses” refer to those viruses that encrypt their body using a specified encryption algorithm but using different keys at every infection. Each encrypted virus has a decryption routine that usually remains the same, despite the fact that the keys change between infections. Therefore, it is possible to detect this class of viruses by analyzing the decryptor in order to obtain a reasonable signature. Figure 1 shows an encrypted virus example. Encrypted viruses tend to use simple algorithms for encryption. Common variants use algorithms such as XORing the body of the virus with the encryption key. Despite its effort to encrypt its body, this type of viruses can be easily detected by signature detection.

Fig 2 illustrates a simple encryption code written
Get Access