Analysis-Resistant Malware

11 years 11 months ago
Analysis-Resistant Malware
Traditionally, techniques for computing on encrypted data have been proposed with privacy preserving applications in mind. Several current cryptosystems support a homomorphic operation, allowing simple computations to be performed using encrypted values. This is sufficient to realize several useful applications, including schemes for electronic voting [16, 12, 17] and single server private information retrieval (PIR) [19, 9]. In this paper, we introduce an alternative application for these techniques in an unexpected setting: malware. We point out the counterintuitive possibility of malware which renders some aspects of its behavior provably resistant to forensic analysis, even with full control over the malware code, its input, and its execution environment. While methods for general purpose computation on encrypted data have not yet been realized, we explore the potential use of current techniques. Specifically, we consider in depth the possibility of malware which employs private...
John Bethencourt, Dawn Song, Brent Waters
Added 01 Jun 2010
Updated 01 Jun 2010
Type Conference
Year 2008
Where NDSS
Authors John Bethencourt, Dawn Song, Brent Waters
Comments (0)