Skip to main content
SpringerLink
Log in

Code mutation techniques by means of formal grammars and automatons

  • Original Paper
  • Published:
Journal in Computer Virology Aims and scope Submit manuscript

Abstract

The paper describes formalization of existing code mutation techniques widely used in a viruses (polymorphism and metamorphism) by means of formal grammars and automatons. New model of metamorphic viruses and new classification of this type of viruses are suggested. The statement about undetectable viruses of this type is proved. In that paper are shown iterative approach toward construct complex formal grammars from the simplest initial rules for building metamorphic generator. Also there are some samples of applied usage of formal grammar model. The experiment for system call tracing of some viruses and worms is described. Possibility of using system call sequences for viruses detecting is shown.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Qozah. Polymorphism and grammars, 29A E-zine, 1999, #4

  2. Filiol, E.: Metamorphism, formal grammars and undecidable code mutation. In: Proceedings of World Academy of Science, Engineering and Technology (PWASET), vol. 20 (2007)

  3. Jones N.D.: Computability and Complexity. MIT Press, Cambridge (1997)

    MATH  Google Scholar 

  4. Filiol E.: Computer viruses: from theory to applications, 405 p. Springer, France (2005)

    MATH  Google Scholar 

  5. Szor P.: The Art of Computer: Virus Research and Defense, 744 p. Symantec Press, USA (2005)

    Google Scholar 

  6. Bruschi, D., Martignoni, L., Monga, M.: Using Code Normalization for Fighting Self-Mutating Malware, Security & Privacy, IEEE, vol. 5, pp. 46–54 (2007)

  7. Lakhotia, A., Kapoor, A., Uday E.: Are metamorphic viruses really invincible? Virus Bulletin, pp. 5–7 (2004)

  8. Lakhotia, A., Kapoor, A., Uday E.: Are metamorphic viruses really invincible? Virus Bulletin, pp. 9–12 (2005)

  9. Zhang, Q., Reeves, D.: MetaAware: identifying metamorphic malware. In: Proceedings of the 23rd Annual Computer Security Applications Conference, Miami Beach, Florida (2007)

Download references

Author information

Authors and Affiliations

  1. Chelyabinsk State University, 129 Bratiev Kashirinih st, Chelyabinsk, Russia

    Pavel V. Zbitskiy

Authors
  1. Pavel V. Zbitskiy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pavel V. Zbitskiy.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zbitskiy, P.V. Code mutation techniques by means of formal grammars and automatons. J Comput Virol 5, 199–207 (2009). https://doi.org/10.1007/s11416-009-0121-9

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-009-0121-9

Keywords

Search

Navigation