Abstract
The formal study of computer malware was initiated in the seminal work of Fred Cohen in the mid 80s who applied elements of the Theory of Computation in the investigation of the theoretical limits of using the Turing Machine formal model of computation in detecting viruses. Cohen gave a simple but realistic, formal, definition of the characteristic actions of a computer virus as a Turing Machine that replicates itself and then proved that constructing a Turing Machine that recognizes viruses (i.e. Turing Machines that act like viruses) is impossible, by reducing the Halting Problem, which is undecidable, to the problem of recognizing a computer virus. In this paper we complement Cohen’s approach along similar lines, based on Recursion Function Theory and the Theory of Computation. More specifically, after providing a simple generalization of Cohen’s definition of a computer virus, we show that the malware/non-malware classification problem is undecidable under this new definition. Moreover, we show that to any formal system, there correspond infinitely many, effectively constructible, programs for which no proof can be produced by the formal system that they are either malware or non-malware programs. In other words, given any formal system, one can provide a procedure that generates, systematically, an infinite number of impossible to classify, within the formal system, programs.
The work of the first, third and fourth coauthors was partially supported by the CyberSec4Europe project, funded by the European Union under the H2020 Programme Grant Agreement No. 830929.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cohen, F.: Computer Viruses. Ph.D. thesis, University of Southern California (1985)
Cohen, F.: Computer viruses: theory and experiments. Comput. Secur. 6(1), 22–35 (1987)
Davis, M.: The Universal Computer: The Road from Leibniz to Turing, 3rd edn. CRC Press, Boca Raton (2018)
Evans, D.: Introduction to Computing: Explorations in Language, Logic, and Machines. CreateSpace Independent Publishing Platform, Scotts Valley (2011)
Hopcroft, J., Ullman, J.D.: Introduction to Automata Theory, Languages, and Computation. Addison-Wesley Series in Computer Science (1979)
Kleene, S.K.: On notation for ordinal numbers. J. Symb. Log. 3, 150–155 (1938)
Liagkou, V., Nastou, P.E., Spirakis, P., Stamatiou, Y.C.: On the theoretical impossibility of Panopticon Detection (2021, Submitted)
Quine, W.V.: Mahematical Logic. Harvard University Press, Cambridge (1940)
Raattkainen, P.: On the philosophical relevance of Gödel’s incompleteness theorems. Revue internationale de philosophie 234(4), 513–534 (2005)
Rice, H.G.: Classes of recursively enumerable sets and their decision problems. Trans. Am. Math. Soc. 74, 358–366 (1953)
Thompson, K.: Reflections on trusting trust. Commun. ACM 27(8), 761–763 (1984). https://doi.org/10.1145/358198.358210
Turing, A.M.: On computable numbers, with an application to the entscheidungsproblem. Proc. Lond. Math. Soc. Lond. 2, 230–265 (1936/1937)
Acknowledgements
We would like to thank the anonymous reviewers for their constructive and inspiring comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Liagkou, V., Nastou, P.E., Spirakis, P., Stamatiou, Y.C. (2021). Effective Enumeration of Infinitely Many Programs that Evade Formal Malware Analysis. In: Dolev, S., Margalit, O., Pinkas, B., Schwarzmann, A. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2021. Lecture Notes in Computer Science(), vol 12716. Springer, Cham. https://doi.org/10.1007/978-3-030-78086-9_18
Download citation
DOI: https://doi.org/10.1007/978-3-030-78086-9_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78085-2
Online ISBN: 978-3-030-78086-9
eBook Packages: Computer ScienceComputer Science (R0)