Enhanced Detection of Advanced Malicious Software

Over the last year the number of polymorphic and metamorphic malware samples seen in the wild has grown exponentially. The development of signatures for defensive purposes simply cannot keep up with the pace of these new malware attacks. New and sophisticated malware have been able to bypass network protection infrastructures to deliver attacks on the intended target. The network defense apparatus which relies on signature-based detection finds itself practically useless and unable to protect networks, platforms and data. This paper describes a novel approach to detect polymorphic and metamorphic malware. Our approach uses a unique method of leveraging multidimensional topological data with advanced clustering techniques for network detection. The results of our initial research and a discussion of future research possibilities are also presented.