is
More sophisticated IDSs look for common shellcode signatures. But even these systems can be bypassed,
by using polymorphic shellcode. This is a technique common among virus writers? It basically hides the true
nature of the shellcode in different disguises. How does a polymorphic shellcode work?
A. They reverse the working instructions into opposite order by masking the IDS signatures
B. They compress shellcode into normal instructions, uncompress the shellcode using loader code and then
executing the shellcode
C. They convert the shellcode into Unicode, using loader to convert back to machine code then executing
them
D. They encrypt the shellcode by XORing values over the shellcode, using loader code to decrypt the
shellcode, and then executing the decrypted shellcode
