MULTI-COMPUTER MALWARE DETECTION SYSTEMS WITH METAMORPHIC FUNCTIONALITY
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F25840886%3A_____%2F24%3AN0000011" target="_blank" >RIV/25840886:_____/24:N0000011 - isvavai.cz</a>
Result on the web
<a href="http://nti.khai.edu/ojs/index.php/reks/article/view/reks.2024.1.13/2279" target="_blank" >http://nti.khai.edu/ojs/index.php/reks/article/view/reks.2024.1.13/2279</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.32620/reks.2024.1.13" target="_blank" >10.32620/reks.2024.1.13</a>
Alternative languages
Result language
angličtina
Original language name
MULTI-COMPUTER MALWARE DETECTION SYSTEMS WITH METAMORPHIC FUNCTIONALITY
Original language description
The need to develop new systems for detecting and counteracting malware remains relevant. In addition to malware detection methods, the need to develop new systems for detecting and counteracting malware has become increasingly important. The use of various detection systems and the formation of a variable architecture in them significantly improves the effectiveness of detection, since both for attackers in computer attacks and for malware, understanding the system is significantly complicated. In addition, such systems may contain baits, traps, and, accordingly, modifiable operating environments to deceptively execute programs for research. This paper develops a conceptual model of multicomputer systems, which is designed to ensure the functioning of antivirus bait and traps to detect malware and computer attacks in corporate networks. The proposed approach is intended to prevent and counteract metamorphic virus penetration. This paper presents the conceptual model of multicomputer systems and introduces a defining characteristic responsible for the control of decisions and other defining characteristics of the system. Methods for detecting metamorphic viruses with the possibility of their implementation in the architecture of multi-computer systems with bait and traps are developed so that the system directly joins the detection procedure through its components and decides on the presence of metamorphic code in the executable file. An implementation of a multi-computer malware detection system with metamorphic functionality was developed to prove the feasibility of the proposed conceptual architecture model and the developed methods for detecting metamorphic viruses. An experiment on the functioning of a multi-computer malware detection system was set up, and experimental studies were conducted. The conducted experiments included metamorphic virus detection. In addition, an experiment on the effectiveness of detecting the metamorphic code of viruses was conducted. The efficiency of detecting metamorphic virus code using the developed multi-computer system was also investigated, and the presence of improved detection was established. The directions of further work are to extend the results of this work to new types of malware.
Czech name
—
Czech description
—
Classification
Type
J<sub>SC</sub> - Article in a specialist periodical, which is included in the SCOPUS database
CEP classification
—
OECD FORD branch
20202 - Communication engineering and systems
Result continuities
Project
—
Continuities
N - Vyzkumna aktivita podporovana z neverejnych zdroju
Others
Publication year
2024
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Radioelectronic and Computer Systems
ISSN
1814-4225
e-ISSN
2663-2012
Volume of the periodical
2024
Issue of the periodical within the volume
1
Country of publishing house
UA - UKRAINE
Number of pages
24
Pages from-to
152-175
UT code for WoS article
—
EID of the result in the Scopus database
2-s2.0-85192967003