Technology advances have significantly changed our lives during the past decade. We rely on computers of various sorts for even the simplest of daily tasks and become stressed when they are not available or do not perform as we expect. The data that we create, use, and exchange has become the gold of the 21st century. Because our information is so valuable and often very personal, attempts to steal it have proliferated.
Malware was first developed as a challenge, but soon attackers recognized the value of stolen data and the cybercrime industry was born. Security companies soon formed to defend people and systems using antimalware technologies. In response, malware developers began experimenting with ways to evade security products. The first evasion techniques were simple because the antimalware products were simple. For example, changing a single bit in a malicious file was sometimes good enough to bypass the signature detection of a security product. Eventually, more complex mechanisms such as polymorphism or obfuscation arrived. Today’s malware is very aggressive and powerful. Malware is no longer developed just by isolated groups or teenagers who want to prove something. It is now developed by governments, criminal groups, and hacktivists, to spy on, steal, or destroy data.
To perform malicious actions, attackers create malware. However, they cannot achieve their goals unless their attempts remain undetected. There is a cat and-mouse game between security vendors and attackers, which includes attackers monitoring the operations of security technologies and practices.
The term evasion technique groups all the methods used by malware to avoid detection, analysis, and understanding.