Polymorphic code: Difference between revisions

Importing Wikidata short description: "Self-modifying program code designed to defeat anti-virus programs or reverse engineering"
Citation bot (talk | contribs)
Alter: issue. Add: s2cid, authors 1-1. Removed parameters. Some additions/deletions were parameter name changes. | Use this bot. Report bugs. | Suggested by Abductive | Category:Articles needing additional references from November 2010 | #UCB_Category 28/1321
Line 6:
[[Encryption]] is the most common method to hide code. With encryption, the main body of the code (also called its [[Payload (computing)|payload]]) is encrypted and will appear meaningless. For the code to function as before, a decryption function is added to the code. When the code is ''executed'', this function reads the payload and decrypts it before executing it in turn.
 
Encryption alone is not polymorphism. To gain polymorphic behavior, the encryptor/decryptor pair is mutated with each copy of the code. This allows different versions of some code which all function the same.<ref name="wongstamp">{{cite journal |lastlast1=Wong |firstfirst1=Wing |last2=Stamp |first2=M. |title=Hunting for Metamorphic Engines |journal=Journal in Computer Virology |volume=2 |issue= 3|pages=211–229 |date=2006 |doi=10.1007/s11416-006-0028-7 |citeseerx=10.1.1.108.3878|s2cid=8116065 }}</ref>
 
== Malicious code ==
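
Review bot: in the changed {{cite journal}} on the "Encryption alone is not polymorphism" line, the spacing is inconsistent: `|issue= 3|pages=` has a stray space after the equals sign and none before the next pipe, and the newly added `|s2cid=8116065` is run straight onto `citeseerx=10.1.1.108.3878`. Suggest normalising to `|issue=3 |pages=211–229` and `|citeseerx=10.1.1.108.3878 |s2cid=8116065` so the template matches its other parameters. The author rename leaves `first1=Wing` spelled out next to `first2=M.` as a bare initial; give both authors in the same form. Separately, the cited title is "Hunting for Metamorphic Engines" while the sentence it supports describes polymorphic mutation of the encryptor/decryptor pair, so it is worth confirming the reference actually covers that claim.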