Formalization of viruses and malware through process algebras. Jacob, G., Filiol, E., & Debar, H. In Proceedings of the International Conference on Availability, Reliability, and Security (ARES'10), pages 597--602, Krakow, Poland, February, 2010. IEEE. bibtex: jacob2010formalization
Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.
@inproceedings{ jacob_formalization_2010,
  address = {Krakow, Poland},
  title = {Formalization of viruses and malware through process algebras},
  doi = {10.1109/ARES.2010.59},
  abstract = {Abstract virology has seen the apparition of successive viral models, all based on Turing-equivalent formalisms. Considering recent malware, these are only partially covered because functional formalisms do not support interactive computations. This article provides a basis for a unified malware model, founded on the Join-Calculus. In terms of expressiveness, the process-based model supports the fundamental notion of self-replication but also interactions, concurrency and non-termination to cover evolved malware. In terms of protection, detection undecidability and prevention by isolation still hold. Additional results are established: calculus fragments where detection is decidable, definition of a non-infection property, potential solutions to restrict propagation.},
  booktitle = {Proceedings of the {International} {Conference} on {Availability}, {Reliability}, and {Security} ({ARES}'10)},
  publisher = {IEEE},
  author = {Jacob, Grégoire and Filiol, Eric and Debar, Hervé},
  month = {February},
  year = {2010},
  note = {bibtex: jacob2010formalization},
  keywords = {Algebra, Availability, Calculus, Concurrent computing, Jacobian matrices, Join-Calculus, Protection, Steganography, Turing-equivalent formalisms, abstract virology, computer viruses, decidability, detection, detection undecidability, invasive software, malware, malware formalization, prevention, process algebra, process algebras, process-based malware model, security, viral models, virus formalization},
  pages = {597--602}
}