Page 26 - Cyber Warnings December 2015
P. 26
Apoc@lypse: when the anti-malware is sick.
By Rogerio Winter, lieutenant colonel at Brazilian Army and Rodrigo Ruiz, researcher at CTI
Renato Archer.
Are you sure that your systems are protected?
Several countries recognize that cyber threats can reach a national threat threshold leading to a
state that prevents prosperity, security and stability. Notably, the anti-malware and antivirus
systems have played a key role, just over 30 years in the defense of several companies’ information
systems, government and military. However, the anti-virus systems has suffered a large number of
critical due to the efficiency of these. In 1987, Fred Cohen demonstrated that no algorithm could
detect perfectly all the possible viruses. This was a very discouraging observation when we thinking
about antivirus. Other people recently declared, “Antivirus is dead”.
The antivirus concept was changed to the anti-malware concept, however antivirus is the most
widely known. Inside the anti-malware is embedded a threat detection system which the signature-
based technology is one of the most popular technologies against virus and malware.
The different anti-malware software makers announce new and efficient technologies that claim to
offer better performance and cheaper answers us with malware security incidents within
organizations. Clearly, there can be a technology that is faster, better and more efficient than all
others. Our research went back to the basic beginnings, to the DNA of the antivirus. We questioned
the paradigms now consolidated in the software through four decades, revised the history of the
development of this software, and started to carefully study the common nucleus. Making an
analogy to the human body, the fault is in the DNA of the ancestors of the modern antivirus
software.
The use of terms like infection, incubation, and disease in the context of information security
suggests a similarity between computers and biological virus, a logical parallel. The similarity
between the virtual world and the reality is notable. Solutions to fatal computer problems were
inspired by the observation of nature itself. In this way, we can establish a metaphor between
human body and cyber body, particularly of the system protect. An autoimmune disease occurs
when the human immune system has a fault, and it attack cells and tissues of the organism itself in
the same way as a virus or a bacterium tries to infect a human body.
All the antivirus software on the market have the same algorithms in common. In other words, the
methodology that compares signatures of the virus was created almost three decades ago. The
virus classification is made by signature without considering the behavior of the virus.
What is not Apoc@lypse Technique?
The Apoc@lypse Technique is not a malware. Malware is malicious software that infect computers;
however, they have a more limited range in terms of operating system, anti-malware vendor and
time.
26 Cyber Warnings E-Magazine – December 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide