The analogies between computer malware and biological viruses are more than obvious. The very idea of an artificial ecosystem where malicious software can evolve and autonomously find new, more effective ways of attacking legitimate programs and damaging sensitive information is both terrifying and fascinating. The paper proposes two different ways for exploiting an evolutionary algorithm to devise malware: the former targeting heuristic-based antivirus scanner; the latter optimizing a Trojan attack. Testing the stability of a system against a malware-based attack, or checking the reliability of the heuristic scan of anti-virus software against an original malware application could be interesting for the research community and advantageous to the IT industry. Experimental results shows the feasibility of the proposed approaches on simple real-world test cases.

Towards Automated Malware Creation: Code Generation and Code Integration / Cani, A.; Gaudesi, Marco; SANCHEZ SANCHEZ, EDGAR ERNESTO; Squillero, Giovanni; Tonda, ALBERTO PAOLO. - STAMPA. - (2014), pp. 157-158. ((Intervento presentato al convegno 29th Symposium on Applied Computing - SAC 14 tenutosi a Gyeongju, Korea nel March 24 - 28, 2014.

Towards Automated Malware Creation: Code Generation and Code Integration

GAUDESI, MARCO;SANCHEZ SANCHEZ, EDGAR ERNESTO;SQUILLERO, Giovanni;
2014

Abstract

The analogies between computer malware and biological viruses are more than obvious. The very idea of an artificial ecosystem where malicious software can evolve and autonomously find new, more effective ways of attacking legitimate programs and damaging sensitive information is both terrifying and fascinating. The paper proposes two different ways for exploiting an evolutionary algorithm to devise malware: the former targeting heuristic-based antivirus scanner; the latter optimizing a Trojan attack. Testing the stability of a system against a malware-based attack, or checking the reliability of the heuristic scan of anti-virus software against an original malware application could be interesting for the research community and advantageous to the IT industry. Experimental results shows the feasibility of the proposed approaches on simple real-world test cases.
File in questo prodotto:
File Dimensione Formato  
2014 sac.pdf

non disponibili

Descrizione: Proceedings SAC
Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 360.11 kB
Formato Adobe PDF
360.11 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2519689
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo