A Malware Obfuscation AI Technique to Evade Antivirus Detection in Counter Forensic Domain
2020; Springer Nature; Language: English
10.1007/978-3-030-52067-0_27
ISSN 1860-9503
Authors: Ahmed A. Mawgoud, Hussein M. Rady, B. Tawfik
Topic(s): Anomaly Detection Techniques and Applications
Abstract: Data obfuscation is the process of converting a constant or a variable into computational results of several constants to make it hard for the files to be detected or analyzed by anti-malware engines. In recent years, malicious attacks have been considered one of the highest internet threats; as the majority of internet users depend on antivirus software as a protection tool, attackers use obfuscation techniques to achieve high evasion rates against different antiviruses. In this paper, we introduce multiple techniques, consisting of four stages, that aid malware in avoiding anti-malware tools; these techniques were mainly developed to provide a high evasion rate against anti-malware systems via dynamic analysis techniques. The evasion rate of our samples was tested through (Kaspersky, VirusTotal and Virusscan), then the results of our experiment were compared with other obfuscation techniques to determine the success level of the experiment, as well as to extract the strengths and weaknesses for any possible future work.