Text only | Text with Images

Clan x86

General Forums => General Discussion => Topic started by: MyndFyre on March 01, 2011, 12:35:32 AM

Title: A Theory of Malware
Post by: MyndFyre on March 01, 2011, 12:35:32 AM
I was paging through a journal tonight from the ACM and I came across this article that advocated teaching a curriculum about malware in higher education.  I was a little skeptical of this until I read the author's thought "The reason we haven't solved the problem of malware is that we don't have a theory of malware."  Then I went from being a little skeptical to thinking the author was utterly ridiculous.

A theory that could completely encapsulate malware today would be so incredibly generalized (because it would have to encapsulate innumerable systems) that it would provide no value to solving such a problem, I think.

What do you think?  Do you think we just haven't academic-ized the problem enough?
Title: Re: A Theory of Malware
Post by: Sidoh on March 01, 2011, 04:04:02 AM
Probably not, but I think that there would be some benefit to introducing the study of malware to an academic curriculum.  I don't think we're missing a "theory" of malware, but having a better understanding of it would probably help things a bit.
Title: Re: A Theory of Malware
Post by: iago on March 01, 2011, 08:10:06 AM
There are plenty of "theories" in security - like how to prove a system is secure. And guess what? They never work. :)

The problem with theories is that they tend to look at a certain set of factors. Pieces, inputs, outputs, calculations, etc. But it turns out that in security, the most dangerous problems are the ones that you don't realize exist (until it's too late). In other words, abusing the system.

A good example is threat modeling. I want a shirt that says, "I'm not in your threat model" - implying that your threat model doesn't (and can't) cover a sufficiently creative hacker.
Title: Re: A Theory of Malware
Post by: Chavo on March 01, 2011, 06:06:00 PM
(http://www.chavoland.com/dap/iagoshirt.gif)
Title: Re: A Theory of Malware
Post by: Sidoh on March 01, 2011, 06:35:13 PM
chavo, you're my hero.
Title: Re: A Theory of Malware
Post by: iago on March 02, 2011, 12:46:39 AM
At least I spelled everything (more or less) right. :P
Title: Re: A Theory of Malware
Post by: Blaze on March 02, 2011, 12:23:36 PM
Quote from: iago on March 02, 2011, 12:46:39 AM
At least I spelled everything (more or less) right. :P


I don't see any misspellings.  :)
Title: Re: A Theory of Malware
Post by: iago on March 02, 2011, 12:42:54 PM
Quote from: Blaze on March 02, 2011, 12:23:36 PM
Quote from: iago on March 02, 2011, 12:46:39 AM
At least I spelled everything (more or less) right. :P


I don't see any misspellings.  :)

Presumably, s/thread/threat/. Unless it's a pun about shirts. In which case, Boo! :)
Title: Re: A Theory of Malware
Post by: Chavo on March 02, 2011, 01:14:47 PM
or forum threads
/me pretends the typo was intentional
Title: Re: A Theory of Malware
Post by: Sidoh on March 02, 2011, 03:17:57 PM
Hah.  I didn't even notice that.

Don't worry, Chavo, you're still my hero.
Text only | Text with Images