Advanced Metamorphic Techniques in Computer Viruses

Philippe Beaucamps
International Conference on Computer, Electrical, and Systems Science, and Engineering - CESSE'07
November 2008

Nowadays viruses use polymorphic techniques to mutate their code on each replication, thus evading detection by antiviruses. However detection by emulation can defeat simple polymorphism: thus metamorphic techniques are used which thoroughly change the viral code, even after decryption. We briefly detail this evolution of virus protection techniques against detection and then study the METAPHOR virus, today’s most advanced metamorphic virus.

