The Polymorphic Virus
Early viruses were easy enough to detect. They had a certain signature to identify them,either within themselves as a method to prevent re-infection, or simply that they had a specific structure which it was possible to detect. Then along came the polymorphic virus. Poly meaning multiple and morphic meaning shape. These viruses change themselves each time they replicate, rearranging their code, changing encryption and generally making themselves look totally different.This created a huge problem, as instantly there were much smaller signatures that remained the same some of the “better” viruses were reduced to a detection signature of a few bytes. The problem was increased with the release of a number of polymorphic kits into the virus writing community which allowed any virus to be recreated as a polymorph.
No comments:
Post a Comment