• DocumentCode
    2105765
  • Title

    Analyze and Model the Primitive Attacking Mechanisms of Malicious Codes

  • Author

    Zemao Chen ; Junge Zhao ; Xiaoping Wu ; Weimin Tang

  • Author_Institution
    Dept. of Inf. Security, Naval Univ. of Eng., Wuhan
  • fYear
    2008
  • fDate
    21-22 Dec. 2008
  • Firstpage
    527
  • Lastpage
    530
  • Abstract
    So far, research on the topic of malicious code has mainly focused on the defending models and mechanisms against it. However, understanding how malicious code works is critical to preventing it effectively. This paper investigates the attacks that most recent malicious codes exhibit. By dissecting their combined malicious logic, it defines computer virus, worm, Trojan horse, and data-driven attack as the primitive attacking payloads of contemporary malicious codes. Models for each of the primitive attacks are then researched. Based on F. Cohen's virus definition, how a computer virus infects and propagates is formally described. By analyzing the code structure of a worm program, a model for worm network is presented. At last, data-driven attack is formally defined and how it threatens system security is analyzed.
  • Keywords
    computer viruses; invasive software; code structure; computer virus; data-driven attack; malicious codes; primitive attacking mechanisms; primitive attacking payloads; worm program; Application software; Buffer overflow; Computer worms; Data security; Information analysis; Information security; Information technology; Invasive software; Logic; Payloads;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Information Technology Application Workshops, 2008. IITAW '08. International Symposium on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-0-7695-3505-0
  • Type

    conf

  • DOI
    10.1109/IITA.Workshops.2008.51
  • Filename
    4731993