Bagheera: an advanced polimorphic and infection engine for Linux

Abstract

Computer viruses have been evolving since the '80s, adopting new techniques with the intention of avoiding being detected by anti-virus programs. One of these techniques is polymorphism, which is used to change the virus' structure each time an infection is carried out. This technique was broadly adopted by the virus-writing community and led to the birth of Polymorphic Engines, which can grant polymorphism to any virus.

This project focuses on the study of those engines and, in particular, on exploring the techniques used to avoid detection from anti-viruses. In addition, this project also focuses on the analysis and development of techniques to infect ELF binaries on Linux platforms.

The final goal is to design and build a modern polymorphic and infection engine, namely Bagheera, and to evaluate its effectiveness against a state of the art anti-virus in a Linux platform.