Worms and Leeches

Every so often, an old wheel is reinvented. In the anti-malware game, an old favourite is what Dr. Fred Cohen used to call the "benevolent virus" or "maintenance" virus. Dr. Cohen’s early research and commentary remains the formal basis for much of the way we think about malware and anti-malware today. Several pages in "A Short Course on Computer Viruses" (Wiley, 1994) addresses the theoretical issues regarding what a benevolent virus could do, and his "It’s Alive: the New Breed of Living Computer Programs" (Wiley, 1994) covers similar ground more thoroughly. The latter work is not to be confused with Larry Cohen’s 1974 horror film, by the way, though there’s a certain irony in the re-use of the title: the anti-malware research community does generally react with distaste if not actual horror when the idea resurfaces, as it does every few years. (It was very popular at the time of the Code Red worm and its siblings.)

 

According to New Scientist, the latest group to rediscover this idea works for Microsoft Research at Cambridge. It’s not unreasonable to revisit such ideas from time to time, though the thought of using malware like Blaster as a model doesn’t inspire confidence. There are many legal, ethical and practical drawbacks to the use of replicative code for legitimate purposes, though, and  I hope that when this team presents its paper at Infocom in April, they will have looked back at previous research (including Cohen’s, as well as Dr. Vesselin Bontchev’s "Are ‘Good’Viruses Still a Bad Idea?" and considered those drawbacks.

 

I have a feeling this won’t be my last word on this subject here. :)

David Harley
Research Author

Author David Harley, ESET

  • http://anti-virus-rants.blogspot.com kurt wismer

    funny, i always considered vesselin’s words to be the last words on this subject… i’ve yet to see a convincing counter to his argument…

  • http://www.smallblue-greenworld.co.uk David

    Hi, Kurt.

    I’m inclined to agree. They may have a new and interesting angle, but I don’t know that they can get round the usual and very real objections, and the people who are likeliest to be able to put together competent “good” replicators won’t touch them because of the ethical and legal objections, never mind the practical issues.

    David Harley

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
15 Feb 2008
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.