polymorphic malware
Home > Security Definitions - Polymorphic malware
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

polymorphic malware

Show me everything on Emerging Information Security Threats


Word of the Day


DEFINITION - Polymorphic malware is harmful, destructive or intrusive computer software such as a virus, worm, Trojan or spyware that constantly changes ("morphs"), making it difficult to detect with anti-malware programs. Evolution of the malicious code can occur in a variety of ways such as filename changes, compression and encryption with variable keys.

Although the appearance of the code in polymorphic malware varies with each "mutation," the essential function usually remains the same. For example, a spyware program intended to act as a keylogger will continue to perform that function even though its signature changes. If the malicious program is discovered by an anti-malware vendor and its signature is added to a downloadable database, the anti-malware program will fail to detect the rogue code after the signature has changed, just as if a new virus, worm, Trojan or spyware program has emerged. In this way, malware creators gain an advantage over countermeasure developers.

The best method of dealing with polymorphic malware is to employ multiple and diverse blocking, filtering, detection and removal programs. These programs should be kept current and should be run as often as possible. Auto-protect features, if available, should be enabled.

Learn more about Emerging Information Security Threats
Security book giveaway: Under-the-radar information security threats: Which enterprise security threat do you think has gone under the radar? Give us your thoughts. Our favorite response will win some great free security training books.
Quiz: The threat landscape for 2008 -- Protecting your organization against next-generation threats: Take this five-question quiz to evaluate your knowledge of the material presented by expert Lenny Zeltser in this Intrusion Defense School lesson.
Enterprise Security 2008 Learning Guide: SearchSecurity.com's panel of experts look back at last year's threats and make predictions about emerging enterprise security concerns for 2008.
Virtual Honeypots: From Botnet Tracking to Intrusion Detection: In Chapter 11 of Virtual Honeypots: From Botnet Tracking to Intrusion Detection, Niels Provos and Thorsten Holz get inside the botnet and reveal some interesting conclusions.
Malware: The ever-evolving threat: The first tip in our series, "How to assess and mitigate information security threats".

LAST UPDATED: 19 Apr 2007

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- A. E. Stepan describes techniques for defeating polymorphic malware.
- Y. H. Cho and W. H. Mangione-Smith describe a parser for polymorphic malware detection.
- SearchSMB.com answers frequently asked questions about malware.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
RSA security conference 2010: news, interviews and updates
The RSA Security Conference is valuable resource in staying educated on the information security industry. Here you will find news on the upcoming RSA...
Hackers to sharpen malware, malicious software in 2010
Symantec researchers predict an increase in attacks using social network architectures, third-party applications and URL shortening services.
Modern malware, stealthy botnets, adapt quickly, expert says
As network intrusion detection systems evolve so does the malware they're designed to detect, continuing the cat and mouse game between security...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
DNS rebinding attack  (SearchSecurity.com)
DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works...
drive-by pharming  (SearchSecurity.com)
Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain...




Get More polymorphic malware Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts