본문 바로가기
  • Home

Automatic malware variant generation framework using Disassembly and Code Modification

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2020, 25(11), pp.131-138
  • DOI : 10.9708/jksci.2020.25.11.131
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science
  • Received : October 6, 2020
  • Accepted : October 19, 2020
  • Published : November 30, 2020

LEEJONGLAK 1 원일용 2

1영남이공대학교
2재단법인 서울호서직업전문학교

Accredited

ABSTRACT

Malware is generally recognized as a computer program that penetrates another computer system and causes malicious behavior intended by the developer. In cyberspace, it is also used as a cyber weapon to attack adversary. The most important factor that a malware must have as a cyber weapon is that it must achieve its intended purpose before being detected by the other's detection system. It requires a lot of time and expertise to create a single malware to avoid the other's detection system. We propose the framework that automatically generates variant malware when a binary code type malware is input using the DCM technique. In this framework, the sample malware was automatically converted into variant malware, and it was confirmed that this variant malware was not detected in the signature-based malware detection system.

Citation status

* References for papers published after 2022 are currently being built.

This paper was written with support from the National Research Foundation of Korea.