Overall Objectives
Scientific Foundations
Application Domains
New Results
Other Grants and Activities

Section: Scientific Foundations

Computer Virology

From an historical point of view, the first official virus appeared in 1983 on Vax-PDP 11. In the very same time, a series of papers was published which always remain a reference in computer virology: Thompson  [105] , Cohen  [61] and Adleman  [44] .

The literature which explains and discusses practical issues is quite extensive, see for example Ludwig's book  [86] or Szor's one  [103] and all web sites...But, we think that the best references are both books of Filiol  [65] (English translation  [66] ) and  [68] . However, there are only a few theoretical/scientific studies, which attempt to give a model of computer viruses.

A virus is essentially a self-replicating program inside an adversary environment. Self-replication has a solid background based on works on fixed point in $ \lambda$ -calculus and on studies of Von Neumann [107] . More precisely we establish in  [53] that Kleene's second recursion theorem  [83] is the cornerstone from which viruses and infection scenarios can be defined and classified. The bottom line of a virus is behavior is

  1. A virus infect programs by modifying them

  2. A virus copies itself and can mutate

  3. Virus spreads throughout a system

The above scientific foundation justifies our position to use the word virus as a generic word for self-replicating malwares. (There is yet a difference. A malware has a payload, and virus may not have one.) For example, worms are an autonous self-replicating malware and so fall into our definition. In fact, the current malware taxonomy (virus, worms, trojans, ...) is unclear and subject to debate.


Logo Inria