Visible to the public A Survey on Zero-Day Polymorphic Worm Detection Techniques

TitleA Survey on Zero-Day Polymorphic Worm Detection Techniques
Publication TypeJournal Article
Year of Publication2014
AuthorsKaur, R., Singh, M.
JournalCommunications Surveys Tutorials, IEEE
Date PublishedThird
Keywordsdetection systems, Fingerprinting, Grippers, Internet, Internet security, invasive software, key per infection, Malware, Monitoring, payload encryption, Payloads, Polymorphic worms, security layers, Signature Generation, signature-based defenses, Vectors, Zero-day attacks, zero-day malware, zero-day polymorphic worm detection techniques

Zero-day polymorphic worms pose a serious threat to the Internet security. With their ability to rapidly propagate, these worms increasingly threaten the Internet hosts and services. Not only can they exploit unknown vulnerabilities but can also change their own representations on each new infection or can encrypt their payloads using a different key per infection. They have many variations in the signatures of the same worm thus, making their fingerprinting very difficult. Therefore, signature-based defenses and traditional security layers miss these stealthy and persistent threats. This paper provides a detailed survey to outline the research efforts in relation to detection of modern zero-day malware in form of zero-day polymorphic worms.

Citation Key6766917