Signature-Based Malware Detection Using Approximate Boyer Moore String Matching Algorithm

Abstract

Adversaries to any system restlessly continues to sought effective, non-detectable means to aid them successful penetrate secure systems, either for fun or commercial gains. They achieve these feats easily through the use of malware, which keeps on the rise, an ever-growing and corresponding overpopulated malware zoo. As such, information technology industry will continue to encounter via these escapades, both monetary and prestigious losses. Malware by design aims to alter the behaviour of its host by self-replicating its genome or codes unto it. They are quite fascinating in that on execution, some malware change their own structure so that its copies have same functionality but differ in signature and syntax from the original or parent virus. This makes signature detection quite unreliable. Study investigates detection of metamorphic malware attacks using the Boyer Moore algorithm for string-based signature detection scheme.