Polymorphic Malware Detection
Sentar's Polymorphic Malware Detection Unit (PMDU) project was developed under a research award from the Rome Air Force Research Laboratory.
The PMDU creates fuzzy math-oriented patterns to recognize variations of self-mutating malware, a behavior known as polymorphism. Its machine-learning data modeling techniques create fuzzy patterns that are used to discover abstract matches, rather than relying on the traditional signatures used by anti-virus systems.
This research provided the foundation of Sentar’s polymorphic malware analysis skunkworks projects, which continue to be enhanced today (codenamed ViEX and BAT).
The PMDU generates patterns based on a sample of known truth malware.
The PMDU performs automated detection of dynamically evolving malware as well as zero-day attacks. Sentar developed and used predictive Data Modeling techniques for automated detection of polymorphic malware in Windows and Linux executables.