Now a group of researchers in New Zealand has come up with a biology-inspired method for detecting 'genetic' characteristics of malware, enabling the method to recognise new variants even if a signature for them has yet to be built.
Ajit Narayanan and Yi Chen of the School of Computing & Mathematical Sciences, Auckland University of Technology, Auckland, New Zealand reasoned that data mining techniques might be used to improve antivirus defences, by being able to understand whether a particular program was likely to be benign or potentially malware.
“One of the problems in applying automatic data mining techniques to malware code directly, even if it is available, is the variable length of the code, since most data mining and other machine learning techniques assume fixed length sequences with a column representing measurements of the same variable across many samples,” they explain in their research paper.
To get round this problem, the researchers developed a technique to turn malware hexadecimal signatures into amino acid representations. They then used established protein modelling systems to analyse the malware.
They tested out the system with the signatures of 60 computer viruses and 60 worms. This showed the system can be used to create genetic fingerprints for the malware, with far greater accuracy than is currently possible.
The researchers think it may ultimately allow them to build an algorithm that can analyse a program and work out whether it contains malware. The research was submitted to the arXiv repository.
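The variable-length problem and the biosequence workaround described above can be illustrated with a short added example, which is not the researchers' code. The hex-to-residue table, the use of pairwise Needleman-Wunsch alignment and the three signatures are all assumptions constructed for illustration. Alignment pads the two sequences with gaps so they become the same length and can be compared column by column.

```python
# Added illustration. The hex-to-residue table is an assumption, not the paper's.
HEX_TO_AA = dict(zip("0123456789abcdef", "ACDEFGHIKLMNPQRS"))

def to_residues(hex_sig):
    """Translate a hex signature into a string of amino-acid letters."""
    return "".join(HEX_TO_AA[c] for c in hex_sig.lower())

def align(a, b, match=1, mismatch=-1, gap=-1):
    """Needleman-Wunsch global alignment; returns two equal-length gapped strings."""
    n, m = len(a), len(b)
    def sub(i, j):
        return match if a[i - 1] == b[j - 1] else mismatch
    score = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(1, n + 1):
        score[i][0] = i * gap
    for j in range(1, m + 1):
        score[0][j] = j * gap
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            score[i][j] = max(score[i - 1][j - 1] + sub(i, j),
                              score[i - 1][j] + gap, score[i][j - 1] + gap)
    out_a, out_b, i, j = [], [], n, m
    while i > 0 or j > 0:  # trace back from the bottom-right cell
        if i > 0 and j > 0 and score[i][j] == score[i - 1][j - 1] + sub(i, j):
            out_a.append(a[i - 1]); out_b.append(b[j - 1]); i -= 1; j -= 1
        elif i > 0 and score[i][j] == score[i - 1][j] + gap:
            out_a.append(a[i - 1]); out_b.append("-"); i -= 1
        else:
            out_a.append("-"); out_b.append(b[j - 1]); j -= 1
    return "".join(reversed(out_a)), "".join(reversed(out_b))

def identity(x, y):
    """Fraction of aligned columns holding the same residue."""
    return sum(p == q for p, q in zip(x, y)) / len(x)

def compare(hex1, hex2):
    """Align two hex signatures as residue strings and score their similarity."""
    x, y = align(to_residues(hex1), to_residues(hex2))
    return x, y, identity(x, y)

# Constructed signatures (not taken from any real malware).
BASE = "4d3a9f10c27be805"
VARIANT = "4d3a9f10ffc27be805"   # BASE with one extra byte inserted
OTHER = "7766554433221100"       # unrelated sequence

if __name__ == "__main__":
    for name, sig in (("variant", VARIANT), ("other", OTHER)):
        x, y, ident = compare(BASE, sig)
        print(f"{name}: {x} / {y} identity={ident:.2f}")
```

Once aligned, each column plays the role of the "same variable across many samples" that fixed-length data mining techniques expect.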