Malware Obfuscation

Malware obfuscation is the art of concealing the presence of the malicious program from the end user of a targeted device.

A malware-infected system is usually expected to display symptoms that confirm the computer is compromised.

Obfuscation enables the malware to operate undetected for months or several years in certain unwary environments. In these cases, the affected computer system continues to operate as usual for the user.

There are several obfuscation techniques an adversary can employ within their code to help the malicious program evade system security.

Combining obfuscation with encryption makes analysing the malware challenging and time-consuming for anti-virus software. As a result, the malware can remain resistant to security scans.

Anti-virus software may use sandboxing techniques to detect patterns that highlight malicious functions in malware. However, newer malware programs are sophisticated enough to change behaviour during runtime.

Activating authentication for every application running on a computer system provides the mechanisms required for detecting obfuscated malware.

Settings for anti-virus programs can be altered to deny data access for all programs except for those that are authenticated or authorised.
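
As an added illustration (not part of the original page), the sketch below contrasts pattern-based scanning with the deny-unless-authorised setting described above. It assumes programs are authenticated by SHA-256 digest; the sample bytes, marker string and function names are constructed placeholders.

```python
import hashlib

# Constructed sample data: harmless placeholder bytes standing in for programs.
SIGNATURE = b"EVIL_MARKER"  # pattern a signature scanner looks for
TRUSTED_APP = b"trusted application image v1"
KNOWN_BAD = b"header " + SIGNATURE + b" body"
# The same placeholder with every byte re-encoded, so the pattern no longer appears.
OBFUSCATED = bytes(b ^ 0x5A for b in KNOWN_BAD)


def digest(image: bytes) -> str:
    """SHA-256 of a program image, used here as its identity."""
    return hashlib.sha256(image).hexdigest()


# Hypothetical policy store: digests of the programs that have been authorised.
ALLOWLIST = {digest(TRUSTED_APP)}


def blocklist_allows(image: bytes) -> bool:
    """Default-allow: access is refused only when a known pattern is found."""
    return SIGNATURE not in image


def allowlist_allows(image: bytes) -> bool:
    """Default-deny: access is granted only to authorised digests."""
    return digest(image) in ALLOWLIST


def evaluate(image: bytes) -> dict:
    """Decision of each policy for one program image."""
    return {
        "blocklist": blocklist_allows(image),
        "allowlist": allowlist_allows(image),
    }


if __name__ == "__main__":
    samples = [("trusted", TRUSTED_APP), ("known bad", KNOWN_BAD),
               ("obfuscated", OBFUSCATED)]
    for name, image in samples:
        print(f"{name:10} {evaluate(image)}")
```

The obfuscated sample passes the pattern check but is still denied by the allowlist, because default-deny does not depend on recognising the program as malicious.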
