MULTI-COMPUTER MALWARE DETECTION SYSTEMS WITH METAMORPHIC FUNCTIONALITY

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F25840886%3A_____%2F24%3AN0000011" target="_blank" >RIV/25840886:_____/24:N0000011 - isvavai.cz</a>

Výsledek na webu

<a href="http://nti.khai.edu/ojs/index.php/reks/article/view/reks.2024.1.13/2279" target="_blank" >http://nti.khai.edu/ojs/index.php/reks/article/view/reks.2024.1.13/2279</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.32620/reks.2024.1.13" target="_blank" >10.32620/reks.2024.1.13</a>

Jazyk výsledku

angličtina

Název v původním jazyce

MULTI-COMPUTER MALWARE DETECTION SYSTEMS WITH METAMORPHIC FUNCTIONALITY

Popis výsledku v původním jazyce

The need to develop new systems for detecting and counteracting malware remains relevant. In addition to malware detection methods, the need to develop new systems for detecting and counteracting malware has become increasingly important. The use of various detection systems and the formation of a variable architecture in them significantly improves the effectiveness of detection, since both for attackers in computer attacks and for malware, understanding the system is significantly complicated. In addition, such systems may contain baits, traps, and, accordingly, modifiable operating environments to deceptively execute programs for research. This paper develops a conceptual model of multicomputer systems, which is designed to ensure the functioning of antivirus bait and traps to detect malware and computer attacks in corporate networks. The proposed approach is intended to prevent and counteract metamorphic virus penetration. This paper presents the conceptual model of multicomputer systems and introduces a defining characteristic responsible for the control of decisions and other defining characteristics of the system. Methods for detecting metamorphic viruses with the possibility of their implementation in the architecture of multi-computer systems with bait and traps are developed so that the system directly joins the detection procedure through its components and decides on the presence of metamorphic code in the executable file. An implementation of a multi-computer malware detection system with metamorphic functionality was developed to prove the feasibility of the proposed conceptual architecture model and the developed methods for detecting metamorphic viruses. An experiment on the functioning of a multi-computer malware detection system was set up, and experimental studies were conducted. The conducted experiments included metamorphic virus detection. In addition, an experiment on the effectiveness of detecting the metamorphic code of viruses was conducted. The efficiency of detecting metamorphic virus code using the developed multi-computer system was also investigated, and the presence of improved detection was established. The directions of further work are to extend the results of this work to new types of malware.

Název v anglickém jazyce

MULTI-COMPUTER MALWARE DETECTION SYSTEMS WITH METAMORPHIC FUNCTIONALITY

Popis výsledku anglicky

The need to develop new systems for detecting and counteracting malware remains relevant. In addition to malware detection methods, the need to develop new systems for detecting and counteracting malware has become increasingly important. The use of various detection systems and the formation of a variable architecture in them significantly improves the effectiveness of detection, since both for attackers in computer attacks and for malware, understanding the system is significantly complicated. In addition, such systems may contain baits, traps, and, accordingly, modifiable operating environments to deceptively execute programs for research. This paper develops a conceptual model of multicomputer systems, which is designed to ensure the functioning of antivirus bait and traps to detect malware and computer attacks in corporate networks. The proposed approach is intended to prevent and counteract metamorphic virus penetration. This paper presents the conceptual model of multicomputer systems and introduces a defining characteristic responsible for the control of decisions and other defining characteristics of the system. Methods for detecting metamorphic viruses with the possibility of their implementation in the architecture of multi-computer systems with bait and traps are developed so that the system directly joins the detection procedure through its components and decides on the presence of metamorphic code in the executable file. An implementation of a multi-computer malware detection system with metamorphic functionality was developed to prove the feasibility of the proposed conceptual architecture model and the developed methods for detecting metamorphic viruses. An experiment on the functioning of a multi-computer malware detection system was set up, and experimental studies were conducted. The conducted experiments included metamorphic virus detection. In addition, an experiment on the effectiveness of detecting the metamorphic code of viruses was conducted. The efficiency of detecting metamorphic virus code using the developed multi-computer system was also investigated, and the presence of improved detection was established. The directions of further work are to extend the results of this work to new types of malware.

Druh

J_SC - Článek v periodiku v databázi SCOPUS

CEP obor

—

OECD FORD obor

20202 - Communication engineering and systems

Projekt

—

Návaznosti

N - Vyzkumna aktivita podporovana z neverejnych zdroju

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Radioelectronic and Computer Systems

ISSN

1814-4225

e-ISSN

2663-2012

Svazek periodika

2024

Číslo periodika v rámci svazku

1

Stát vydavatele periodika

UA - Ukrajina

Počet stran výsledku

24

Strana od-do

152-175

Kód UT WoS článku

—

EID výsledku v databázi Scopus

2-s2.0-85192967003