{"title":"Evasion of Antivirus with the Help of Packers","authors":"Andrej Fedák, J. Stulrajter","doi":"10.52651/sam.a.2022.1.14-22","DOIUrl":null,"url":null,"abstract":"Nowadays, almost every malware file comes obfuscated and prepacked preferably with an unknown algorithm. Antivirus programs are taught to deal with these kinds of obstacles with the help of signature databases and heuristic engines. AV systems and their tools are professionally and carefully developed by experts; however, they are not flawless either. They tend to react to any threats that are identified by already-known malicious patterns and bad behaviours. Therefore, malware has to evolve and use new methods to pass these defences. In this paper, the internal components of AV programs and well-known packing techniques are briefly explained while in addition they are tested against each other. This work provides an initial insight into the complex subject of antivirus protection.","PeriodicalId":282324,"journal":{"name":"Science & Military","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Science & Military","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.52651/sam.a.2022.1.14-22","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}