论文信息 - Processor-Dependent Malware... and codes

Processor-Dependent Malware... and codes

Malware usually target computers according to their oper- ating system. Thus we have Windows malwares, Linux malwares and so on ...In this paper, we consider a different approach and show on a technical basis how easily malware can recognize and target systems selectively, according to the onboard processor chip. This technology is very easy to build since it does not rely on deep analysis of chip logical gates architecture. Floating Point Arithmetic (FPA) looks promising to define a set of tests to identify the processor or, more precisely, a subset of possible processors. We give results for different families of processors: AMD, Intel (Dual Core, Atom), Sparc, Digital Alpha, Cell, Atom ...As a conclusion, we propose two open problems that are new, to the authors' knowledge.

Eric Filiol | Robert Erra | Anthony Desnos

[1] Michael F. Barnsley,et al. Fractals everywhere , 1988 .

[2] Vaughan R. Pratt,et al. Computational aspects of the Pentium affair , 1995 .

[3] J. Yorke,et al. Chaos: An Introduction to Dynamical Systems , 1997 .

[4] W. Morven Gentleman,et al. More on algorithms that reveal properties of floating point arithmetic units , 1974, CACM.

[5] Éric Filiol. Computer Viruses: from Theory to Applications , 2005 .

[6] M. Bernhard. Introduction to Chaotic Dynamical Systems , 1992 .

[7] Michael L. Overton,et al. Numerical Computing with IEEE Floating Point Arithmetic , 2001 .

[8] Jean-Michel Muller,et al. Qualité des calculs sur ordinateur , 1997 .

[9] Mingtian Zhou,et al. Some Further Theoretical Results about Computer Viruses , 2004, Comput. J..

[10] David A. Patterson,et al. Arithmetic for Computers , 1994 .

[11] Dietmar Saupe,et al. Chaos and fractals - new frontiers of science , 1992 .

[12] Zhi-hong Zuo,et al. On the time complexity of computer viruses , 2005, IEEE Transactions on Information Theory.