Polymorphic code: Difference between revisions

Triddle (talk | contribs)
m stubsensor cleanup project. Please see conflict resolution if you wish to revert.
JohnJSal (talk | contribs)
No edit summary
Line 4:
 
This technique is sometimes used by [[computer virus]]es, [[shellcode]]s and [[computer worm]]s to hide their presence.
Most [[anti virus-virus software]] and [[intrusion detection system]]s attempt to locate malicious code by searching through computer files and data packets sent over a [[computer network]]. If the security software finds patterns that correspond to known computer viruses or worms, it takes appropriate steps to neutralize the threat. [[Polymorphic]] algorithms make it difficult for such software to locate the offending code as it constantly mutates.
 
[[Encryption]] is the most commonly used method of achieving polymorphism in code. However, not all of the code can be encrypted as it would be completely unusable. A small portion of it is left unencrypted and used to jumpstart the encrypted software. Anti-virus software targets this small unencrypted portion of code.
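
Review bot: The link target in the second sentence of the first paragraph, "[[anti virus-virus software]]", looks mangled (a duplicated "virus" and a misplaced hyphen). It should read "[[anti-virus software]]", which also matches the "Anti-virus software" wording in the last paragraph. In the same paragraph, "as it constantly mutates" has an ambiguous "it"; "because the code constantly mutates" would make clear that the malicious code is what changes, not the scanning software. In the encryption paragraph, "A small portion of it is left unencrypted and used to jumpstart the encrypted software" would be clearer if it said outright that this portion is the routine that decrypts the rest, since that is the part the final sentence says anti-virus software targets.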