
Chapter 7

Non-Zero Sum Games and Survivable Malware

Today, computer viruses, Trojans, and worms are summarily removed from computers when found. Even in the case of the One-half virus, which is designed to make safe removal difficult, disinfection is still possible without damaging the host system. Antiviral programs seldom attempt to remove a virus unless they believe there are no harmful consequences for doing so. But what if the consequences extend beyond the infected computer in question? Put another way, what if the removal of a virus on one machine will cause damage on another, remotely located machine? If harmful consequences result from removing malware, then the payoff for removal becomes a negative quantity in game-theoretic terms. Of course, leaving the malware on the system may have a payoff that is even more negative. This raises the question of whether there exist malware-enforceable games between the host and the malware that have a higher payoff for the host when the malware is allowed to remain after discovery.

The unspoken dream of every virus writer is to design a virus that cannot be safely removed even after discovery.1

It is this that would constitute a true digital disease. This chapter investigates how various technologies can achieve this end when appropriately combined.

A dedicated attacker may have a rather serious goal in mind. For example, the ...

Get Malicious Cryptography: Exposing Cryptovirology now with O’Reilly online learning.
