Search results
Results From The WOW.Com Content Network
Polymorphic algorithms make it difficult for such software to recognize the offending code because it constantly mutates. Malicious programmers have sought to protect their encrypted code from this virus-scanning strategy by rewriting the unencrypted decryption engine (and the resulting encrypted payload) each time the virus or worm is propagated.
A polymorphic engine (sometimes called mutation engine or mutating engine) is a software component that uses polymorphic code to alter the payload while preserving the same functionality. Polymorphic engines are used almost exclusively in malware, with the purpose of being harder for antivirus software to detect.
Composition over inheritance (or composite reuse principle) in object-oriented programming (OOP) is the principle that classes should favor polymorphic behavior and code reuse by their composition (by containing instances of other classes that implement the desired functionality) over inheritance from a base or parent class. [2]
The Smeg Virus Construction Kit (or SMEG) is a polymorphic engine written by virus writer Chris Pile, known as The Black Baron. SMEG is an acronym for Simulated Metamorphic Encryption Generator. SMEG is an acronym for Simulated Metamorphic Encryption Generator.
This differs from polymorphic code, where the polymorphic engine can not rewrite its own code. Metamorphic code is used by some viruses when they are about to infect new files, and the result is that the next generation will never look like current generation.
Self-modifying code is also sometimes used by programs that do not want to reveal their presence, such as computer viruses and some shellcodes. Viruses and shellcodes that use self-modifying code mostly do this in combination with polymorphic code. Modifying a piece of running code is also used in certain attacks, such as buffer overflows.
A polymorphic packer is a file binder with a polymorphic engine. It thus has the ability to make its payload mutate over time, so it is more difficult to detect and remove. [ citation needed ]
This enables dynamic (run-time) polymorphism, where the referred objects can behave differently, depending on their (actual, derived) types. C++ also provides the dynamic_cast operator, which allows code to safely attempt conversion of an object, via a base reference/pointer, to a more derived type: downcasting.