Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
in AI and Deep Learning by (820 points)
Has anyone implemented AI in computer virus? If yes, then how?

1 Answer

0 votes
by (7.2k points)

Such viruses are very common, and infact not very hard to build.

Viruses use a lot of techniques to evade detection, including

  • Changing their executable every now and then - Metamorphic & Polymorphic viruses.

  • Delayed code execution - To prevent detection by an Antivirus, which is executing the virus in a sandbox.

  • Using tricks that are specific to the Operating System - Like hooking some kernel level functions, so as to become *invisible* to the antivirus. (rootkits)

  • Detecting the Antivirus, and using evasion techniques specific to the one installed in the victim's computer.

  • Social Engineering (tricking) the victim into adding an exception in the AVs scanning rules.

  • Detecting if the program is running in a virtual machine, and behaving innocent if it detects one.

  • Using an update server - The malware creator constantly pushes new, undetected versions of the virus on a repository, from where the deployed viruses get updates.

  • Detecting honeypots and evading them.


There's so much more that is being done by the malware writers. These guys are some of the most intelligent, creative and hard working people in the world (though their work is not constructive).

I could tell you some inside stuff, but I can't be sure of your intentions, and I don't want to educate a wannabe malware writer by accident.

If you were looking for Artificial intelligence like Evolutionary code embedded into the malware, and malware that detects the hard drives contents and imitates other programs to evade detection:

Such viruses do exist, but not *in the wild*. There are research papers that mention such approaches to malware, but for academic purposes only.

There's even a research paper discussing a p2p based botnet, that uses AI to evolve its p2p topology, to prevent detection of the source, to maximise efficiency, and to make the network robust against attack. 

Browse Categories