Evading Antivirus Detection Using Fountain Code-Based Techniques for Executing Shellcodes.

Gang-Cheng Huang1, Ko-Chin Chang2, Tai-Hung Lai1

  • 1Department of Computer Science and Information Engineering, Chung Cheng Institute of Technology, National Defense University, Taoyuan 335009, Taiwan.

Sensors (Basel, Switzerland) | January 25, 2025
Summary
This summary is machine-generated.

This study introduces fountain codes to evade antivirus detection for malicious shellcode. Encoding significantly reduced detection rates for both 32-bit and 64-bit shellcode, enhancing evasion capabilities.

Area of Science:

  • Cybersecurity
  • Computer Science
  • Network Security

Background:

  • Antivirus software struggles to detect sophisticated, obfuscated malicious code.
  • Shellcode evasion is critical for penetration testing and security research.

Purpose of the Study:

  • To develop and evaluate a novel method for evading antivirus detection using fountain codes.
  • To assess the effectiveness of this method on Meterpreter shellcode for Windows architectures.

Main Methods:

  • Malicious shellcode was generated using the Meterpreter framework for 32-bit and 64-bit Windows.
  • Fountain codes were employed to encode the shellcode, breaking it into packets with distinct structures.
  • The obfuscated shellcode was tested against antivirus vendors to measure detection rates.

Keywords:

  • Metasploit framework
  • antivirus evasion
  • fountain code
  • meterpreter
  • msfvenom
  • shellcode

Main Results:

  • Detections of 32-bit shellcode decreased from 18 instances to 3.
  • Detections of 64-bit shellcode decreased from 16 instances to 1.
  • The fountain code encoding maintained shellcode integrity and ensured correct execution.

Conclusions:

  • Fountain code encoding is an effective technique for evading antivirus detection of malicious shellcode.
  • This method provides a valuable tool for the persistence phase in penetration testing.
  • Further research into advanced obfuscation techniques is warranted.