Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
i v n i n seeks n e t o

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


                       

Everlasting/evolving computer virus

A worm/virus which can adapt newly discovered exploits
  (+2, -5)
(+2, -5)
  [vote for,
against]

Disclaimer: I in no way advocate the construction of what I describe below, and in fact heartily discourage it. I simply pose it here as a thought experiment.

If I understand correctly, when a computer virus/worm is created it is designed to take advantage of a particular exploit, and propagates over time to computers vulnerable to that exploit. The virus remains active until systems are patched to fix the exploit or anti-virus programs are updated to detect the exploit.

What if there was a way for viruses to adapt? My conjecture is that one could create a virus which retrieves "patches" over an anonymous peer-to-peer network (e.g. Freenet). A malicious person (or group of malicious people) could create and upload new code samples as new exploits are discovered. The virus could randomly choose patches to incorporate into its offspring and discard useless exploits, allowing its descendants to take advantage of new exploits as they arise. A simple sort of evolution could arise, with viruses adapting themselves to the current state of computer updatedness.

Varying the exploits used would help prevent certain types of anti-virus detection. However, viruses can also be identified by detecting certain features in their overall structure. To get around this, brand-new "structures" for the virus could be provided over anonymous P2P. These new structures would probably be able to incorporate old exploits, but would have things like new base code, different dormancy times, and perhaps even use different P2P networks.

Some other evolutionary computation techniques might also be applicable, particularly for altering parameters like dormancy times. A more speculative possibility is to have the virus attempt to discover new exploits by brute force (which may be computationally feasible if the virus is wide spread), and then incorporating and uploading any effective exploits it finds.

Does this sound feasible? How could such a virus be eradicated?

NeuronExMachina, Feb 14 2005

Mobile Agents http://www.ias.ac.i.../July2002p35-43.pdf
A malicious mobile agent would fit the bill for what you are describing... [Jinbish, Feb 14 2005]

Tierra http://www.kk.org/o...control/ch15-a.html
Artificial evolution. [MikeOxbig, Nov 30 2005]

[link]






       Though i dont have an example right away, Most existing virus already do the first thing you said :
//...is that one could create a virus which retrieves "patches" over an anonymous peer-to-peer network (e.g. Freenet). A malicious person (or group of malicious people) could create and upload new code samples as new exploits are discovered. The virus could randomly choose patches to incorporate into its offspring and discard useless exploits, allowing its descendants to take...//
and for your question: //How could such a virus be eradicated?// : The solution lies in the problem itself.. as you said //..If I understand correctly, when a computer virus/worm is created it is designed to take advantage of a particular exploit, and propagates..//!!! Now, If you look at it in another angle, a virus is a software in itself.. and *will* have vulnarabilities* In the same way the virus attacked the comp, the virus could be attacked as well - by finding and using *its* vularabilities against it. Thus, no matter how difficult it can never be impossible. At least in theory.
kamathln, Feb 14 2005
  

       // How could such a virus be eradicated? //   

       Disable the P2P.
waugsqueke, Feb 14 2005
  

       Have you tried disabling a P2P recently [waugs]?
wagster, Feb 14 2005
  

       It can be done. I wouldn't expect to have to do it myself, just as I don't have to write my own antivirus routines now. I'm sure Norton or MacAfee or some other would come up with an appropriate tool.
waugsqueke, Feb 14 2005
  

       What you are proposing is essentailly a 'viral mobile agent'. A virus is a self replicating program; a mobile agent is supposed to be a cognitive, encapsulated piece of software that operates by a series of rules. Agents may be able to learn new rules via updates/patches or whatever. I'm not saying that your idea is baked- but the idea of a malicious software agent is.
Jinbish, Feb 14 2005
  

       This idea highlights the difference between evolution and rational design. Evolution is neat because it can happen by itself. It is horrendously inefficient and there may be limits on what sort of solutions can be evolved because of maladaptive intermediate steps. Rational design is neat because if you know your goal, you can custom make a solution to reach it. It is limited by the skills and creativity of the designer. Judging by the lists of viruses I see on virus hunter sites, there are many iterations of certain viruses, no doubt created by designers who attempt to improve on old designs.
bungston, Feb 14 2005
  

       I've considered the results of such a creation before. Possibly it could evolve an intelligent network between the running instances of its variations across the net. Perhaps it would deduce that a computer running cleanly and efficiently would allow it to work better, and would start repairing our computers. Maybe it would offer a peaceful co-existance.
ironfroggy, Feb 15 2005
  

       If each virus were to report back to a central database each day it survives with information about the system it's on, an AI would be able to tell which system configurations are amiable. The virus could target only those systems. Over time, system vulnerabilities could be predicted (every Windows with XXX security patch is vulnerable) A second program could send out viruses with new (random) changes. The ones that survive would report back. Continuous improvement would let the virus find every security problem in the world.   

       or am I just staying up too late?
Voice, Nov 29 2005
  

       Some guy actually did something similar to this (see link). He wrote a computer program that would copy itself, but occasionally it would make a mistake, creating a new program. In this way the program eventually evolved into several different "species" of programs. The better ones survived the Reaper program, written to kill off the inefficient programs, and thus fittest survived to produce a new generation. It's unnervingly like actual evolution and so your idea does seem pretty feasible.   

       Also, [bungston] evolution isn't "horrendously inefficient" like you said. Its more like the epitome of efficiency. It can accomplish many things man-kind can't, i.e. making something intelligent (again see link). In the example I stated above the original program was 80 bits, which was as small as the programmer could possibly make it, while still performing right. After a few days worth of reproduction (several thousand generations), the program had evolved to be a tiny 22 bits long, while still performing right. So far no programmer has come even close to writting the same program with that few bits. Therefore, artificial evolution has great possibilities, and could be very helpful in expanding the technoligical field.
MikeOxbig, Jan 29 2006
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle