Formalization of viruses and malware through process algebras

Formalization of viruses and malware through process algebras. Jacob, G., Filiol, E., & Debar, H. In Proceedings of the International Conference on Availability, Reliability, and Security (ARES'10), pages 597--602, Krakow, Poland, February, 2010. IEEE. bibtex: jacob2010formalization
doi abstract bibtex

Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.

@inproceedings{ jacob_formalization_2010,
  address = {Krakow, Poland},
  title = {Formalization of viruses and malware through process algebras},
  doi = {10.1109/ARES.2010.59},
  abstract = {Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.},
  booktitle = {Proceedings of the {International} {Conference} on {Availability}, {Reliability}, and {Security} ({ARES}'10)},
  publisher = {IEEE},
  author = {Jacob, Grégoire and Filiol, Eric and Debar, Hervé},
  month = {February},
  year = {2010},
  note = {bibtex: jacob2010formalization},
  keywords = {Algebra, Availability, Calculus, Concurrent computing, Jacobian matrices, Join-Calculus, Protection, Steganography, Turing-equivalent formalisms, abstract virology, computer viruses, decidability, detection, detection undecidability, invasive software, malware, malware formalization, prevention, process algebra, process algebras, process-based malware model, security, viral models, virus formalization},
  pages = {597--602}
}

Downloads: 0

{"_id":{"_str":"5298aa259eb585cc26000980"},"__v":0,"authorIDs":[],"author_short":["Jacob, G.","Filiol, E.","Debar, H."],"bibbaseid":"jacob-filiol-debar-formalizationofvirusesandmalwarethroughprocessalgebras-2010","bibdata":{"abstract":"Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.","address":"Krakow, Poland","author":["Jacob, Grégoire","Filiol, Eric","Debar, Hervé"],"author_short":["Jacob, G.","Filiol, E.","Debar, H."],"bibtex":"@inproceedings{ jacob_formalization_2010,\n address = {Krakow, Poland},\n title = {Formalization of viruses and malware through process algebras},\n doi = {10.1109/ARES.2010.59},\n abstract = {Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.},\n booktitle = {Proceedings of the {International} {Conference} on {Availability}, {Reliability}, and {Security} ({ARES}'10)},\n publisher = {IEEE},\n author = {Jacob, Grégoire and Filiol, Eric and Debar, Hervé},\n month = {February},\n year = {2010},\n note = {bibtex: jacob2010formalization},\n keywords = {Algebra, Availability, Calculus, Concurrent computing, Jacobian matrices, Join-Calculus, Protection, Steganography, Turing-equivalent formalisms, abstract virology, computer viruses, decidability, detection, detection undecidability, invasive software, malware, malware formalization, prevention, process algebra, process algebras, process-based malware model, security, viral models, virus formalization},\n pages = {597--602}\n}","bibtype":"inproceedings","booktitle":"Proceedings of the International Conference on Availability, Reliability, and Security (ARES'10)","doi":"10.1109/ARES.2010.59","id":"jacob_formalization_2010","key":"jacob_formalization_2010","keywords":"Algebra, Availability, Calculus, Concurrent computing, Jacobian matrices, Join-Calculus, Protection, Steganography, Turing-equivalent formalisms, abstract virology, computer viruses, decidability, detection, detection undecidability, invasive software, malware, malware formalization, prevention, process algebra, process algebras, process-based malware model, security, viral models, virus formalization","month":"February","note":"bibtex: jacob2010formalization","pages":"597--602","publisher":"IEEE","title":"Formalization of viruses and malware through process algebras","type":"inproceedings","year":"2010","bibbaseid":"jacob-filiol-debar-formalizationofvirusesandmalwarethroughprocessalgebras-2010","role":"author","urls":{},"keyword":["Algebra","Availability","Calculus","Concurrent computing","Jacobian matrices","Join-Calculus","Protection","Steganography","Turing-equivalent formalisms","abstract virology","computer viruses","decidability","detection","detection undecidability","invasive software","malware","malware formalization","prevention","process algebra","process algebras","process-based malware model","security","viral models","virus formalization"],"downloads":0},"bibtype":"inproceedings","biburl":"http://bibbase.org/zotero/ealprr","downloads":0,"keywords":["algebra","availability","calculus","concurrent computing","jacobian matrices","join-calculus","protection","steganography","turing-equivalent formalisms","abstract virology","computer viruses","decidability","detection","detection undecidability","invasive software","malware","malware formalization","prevention","process algebra","process algebras","process-based malware model","security","viral models","virus formalization"],"search_terms":["formalization","viruses","malware","through","process","algebras","jacob","filiol","debar"],"title":"Formalization of viruses and malware through process algebras","year":2010,"dataSources":["fcy64Zdm28gydMmuE"]}