Formal Affordance based Models of Computer Virus Reproduction

[ Pobierz całość w formacie PDF ]

could then classify a computer virus reproduction model based on whether
the actions, for which the predicate holds, are afforded by entities other than
35
the computer virus. Defining a number n of predicates would therefore re-
sult in up to 2n unique classifications (the exact number depends on the
independence of the predicates).
Acknowledgements
The authors would like to thank the referees of the Journal in Computer
Virology, and the participants of the 2nd International Workshop on the
Theory of Computer Viruses (TCV 2007), for their useful questions and
comments. The Unix shell script virus in Figure 1 was based on a similar
work by Bruce Ediger, published on Gary P. Thompson II s, The Quine
Page (http://www.nyx.net/~gthompso/quine.htm).
A Note on the Inclusion of Virus Code
It was important for the demonstration of our computer virus reproduction
models to include excerpts from the source code of some reproducing mal-
ware for illustrative purposes, in the vein of Cohen [9] and Filiol [11], who
have published virus source code for similar reasons. In order to prevent dis-
semination of exploitable code we have omitted significant sections of code,
and in the remaining code we have introduced subtle errors. Therefore, the
source code in this paper cannot be executed, but can be used by the reader
to verify the construction and classification of affordance-based computer
virus reproduction models.
References
[1] Leonard M. Adleman. An abstract theory of computer viruses. In Ad-
vances in Cryptology CRYPTO 88, volume 403 of Lecture Notes in
Computer Science, pages 354 374, 1990.
[2] Michael Bailey, Jon Oberheide, Jon Andersen, Z. Morley Mao, Farnam
Jahanian, and Jose Nazario. Automated classification and analysis of
internet malware. Technical Report CSE-TR-530-07, Department of
Electrical Engineering and Computer Science, University of Michigan,
April 2007.
[3] Guillaume Bonfante, Matthieu Kaczmarek, and Jean-Yves Marion. On
abstract computer virology: from a recursion-theoretic perspective.
Journal in computer virology, 1(3 4), 2006.
36
[4] Guillaume Bonfante, Matthieu Kaczmarek, and Jean-Yves Marion. A
classification of viruses through recursion theorems. In S.B. Cooper,
B. L�we, and A. Sorbi, editors, CiE 2007, volume 4497 of Lecture Notes
in Computer Science. Springer-Verlag Berlin Heidelberg, 2007.
[5] Ero Carrera and Gergely Erd�lyi. Digital genome mapping advanced
binary malware analysis. In Virus Bulletin Conference, September 2004.
[6] Manuel Clavel, Francisco Dur�n, Steven Eker, Patrick Lincoln, Narciso
Mart�-Oliet, Jos� Meseguer, and Jos� F. Quesada. Maude: Specifica-
tion and programming in rewriting logic. Theoretical Computer Science,
285(2):187 243, 2002.
[7] Fred Cohen. Computer viruses theory and experiments. Computers
and Security, 6(1):22 35, 1987.
[8] Fred Cohen. Computational aspects of computer viruses. Computers
and Security, 8:325 344, 1989.
[9] Frederick B. Cohen. It s Alive! The New Breed of Living Computer
Programs. John Wiley & Sons, 1994.
[10] Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, and Clifford
Stein. Introduction to Algorithms. MIT Press, 2nd edition, 2001.
[11] Eric Filiol. Computer Viruses: from Theory to Applications. Springer,
2005. ISBN 2287239391.
[12] Eric Filiol, Gr�goire Jacob, and Micka�l Le Liard. Evaluation methodol-
ogy and theoretical model for antiviral behavioural detection strategies.
Journal in Computer Virology, 3:23 37, 2007.
[13] Marius Gheorghescu. An automated virus classification system. In Virus
Bulletin Conference, October 2005.
[14] James J. Gibson. The theory of affordances. Perceiving, Acting and
Knowing: Toward an Ecological Psychology, pages 67 82, 1977.
[15] James J. Gibson. The Ecological Approach to Visual Perception.
Houghton Mifflin, Boston, 1979. ISBN 0395270499.
[16] Joseph A. Goguen, Timothy Walker, Jos� Meseguer, Kokichi Futatsugi,
and Jean-Pierre Jouannaud. Introducing OBJ. In Joseph A. Goguen
and Grant Malcolm, editors, Software Engineering with OBJ: Alge-
braic Specification in Action. Kluwer Academic Publishers, 2000. ISBN
0792377575.
37
[17] L. A. Goldberg, P. W. Goldberg, C. A. Phillips, and G. B. Sorkin. Con-
structing computer virus phylogenies. Journal of Algorithms, 26(1):188
208, 1998.
[18] Sarah Gordon. Virus and vulnerability classification schemes: Standards
and integration. Symantec Security Response White Paper, February
2003. http://www.symantec.com/avcenter/reference/virus.and.
vulnerability.pdf(accessed 2007-10-28).
[19] Michael Hilker and Christoph Schommer. SANA security analysis
in internet traffic through artificial immune systems. In Serge Autex-
ier, Stephan Merz, Leon van der Torre, Reinhard Wilhelm, and Pierre
Wolper, editors, Workshop Trustworthy Software 2006. IBFI, Schloss
Dagstuhl, Germany, 2006.
[20] Md. Enamul Karim, Andrew Walenstein, and Arun Lakhotia. Malware
phylogeny using maximal pi-patterns. In EICAR 2005 Conference: Best
Paper Proceedings, pages 156 174, 2005.
[21] Md. Enamul Karim, Andrew Walenstein, Arun Lakhotia, and Laxmi
Parida. Malware phylogeny generation using permutations of code.
Journal in Computer Virology, 1:13 23, 2005.
[22] Jeffrey O. Kephart. A biologically inspired immune system for com-
puters. In Rodney A. Brooks and Pattie Maes, editors, Artificial Life
IV, Proceedings of the Fourth International Workshop on Synthesis and
Simulation of Living Systems, pages 130 139. MIT Press, Cambridge,
Massachusetts, 1994.
[23] Donald E. Knuth, James H. Morris, and Vaughan R. Pratt. Fast pattern
matching in strings. SIAM Journal on Computing, 6(2):323 350, 1977.
[24] Jimmy Kuo and Desiree Beck. The common malware enumeration ini-
tiative. Virus Bulletin, pages 14 15, September 2005.
[25] Jos� Meseguer and Grigore Ro_u. The rewriting logic semantics project.
Theoretical Computer Science, 2007. To appear.
[26] Jose Andre Morales, Peter J. Clarke, Yi Deng, and B. M. Golam Kibria.
Testing and evaluating virus detectors for handheld devices. Journal in
Computer Virology, 2(2), 2006.
[27] Daniel Reynaud-Plantey. The Java mobile risk. Journal in Computer
Virology, 2(2), 2006.
38
[28] Fridrik Skulason and Vesselin Bontchev. A new virus naming convention.
CARO meeting, 1991.
[29] Anil Somayaji, Steven Hofmeyr, and Stephanie Forrest. Principles of a
computer immune system. In 1997 New Security Paradigms Workshop.
ACM Press, 1997.
[30] Eugene H. Spafford. Computer viruses as artificial life. Journal of Ar-
tificial Life, 1(3):249 265, 1994.
[31] Peter Sz�r. The Art of Computer Virus Research and Defense. Addison-
Wesley, 2005. ISBN 0321304543. [ Pobierz całość w formacie PDF ]

Odnośniki