This paper describes a novel approach for preventative protection from both known and previously unknown malicious executable codes. It does not rely on screening the code for signatures of known viruses, but instead it detects attempts of the executable code in question to self-replicate during run time. Self-replication is the common feather of most malicious codes, allowing them to maximize their impact. This approach is an extension of the earlier developed method for detecting previously unknown viruses in script based computer codes. The paper presents a software tool implementing this technique for behavior-based run-time detection and suspension of self-replicating functionality in executable codes for Microsoft Windows operating systems. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Summerville, D., Skormin, V., Volynkin, A., & Moronski, J. (2005). Prevention of information attacks by run-time detection of self-replication in computer codes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3685 LNCS, pp. 54–75). https://doi.org/10.1007/11560326_5
Mendeley helps you to discover research relevant for your work.