It’s widely known that human DNA evidence has had a major impact on the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software.
Malware DNA, also known as “malware provenance,” is the art and science of attributing elements of one object to another object. The technique has applications outside information security — for example, in genetics, or to test the authorship of student papers.
One way malware writers avoid detection of their programs is to craft polymorphic attacks. They dynamically change the code in their malware just enough to confound antivirus programs.