Title :
Analyze and Model the Primitive Attacking Mechanisms of Malicious Codes
Author :
Zemao Chen ; Junge Zhao ; Xiaoping Wu ; Weimin Tang
Author_Institution :
Dept. of Inf. Security, Naval Univ. of Eng., Wuhan
Abstract :
So far, research on the topic of malicious code has mainly focused on the defending models and mechanisms against it. However, understanding how malicious code works is critical to preventing it effectively. This paper investigates the attacks that most recent malicious codes exhibit. By dissecting their combined malicious logic, it defines computer virus, worm, Trojan horse, and data-driven attack as the primitive attacking payloads of contemporary malicious codes. Models for each of the primitive attacks are then researched. Based on F. Cohen's virus definition, how a computer virus infects and propagates is formally described. By analyzing the code structure of a worm program, a model for a worm network is presented. Finally, data-driven attack is formally defined and how it threatens system security is analyzed.
Keywords :
computer viruses; invasive software; code structure; computer virus; data-driven attack; malicious codes; primitive attacking mechanisms; primitive attacking payloads; worm program; Application software; Buffer overflow; Computer worms; Data security; Information analysis; Information security; Information technology; Invasive software; Logic; Payloads;
Conference_Titel :
Intelligent Information Technology Application Workshops, 2008. IITAW '08. International Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3505-0
DOI :
10.1109/IITA.Workshops.2008.51