The First Step Towards Modeling Unbreakable Malware

TL;DR

This paper introduces unbreakable malware (UBM), formalizes its security attributes, develops algorithms for its construction, and evaluates its robustness and real-world applicability, highlighting new cybersecurity threats and potential defenses.

Contribution

It formalizes the concept of unbreakable malware, proposes algorithms for its creation, and assesses its security features and implications for cybersecurity defenses.

Findings

UBM has strong anti-defense capabilities.

Algorithms successfully generate UBM instances.

UBM poses significant new threats to cybersecurity.

Abstract

Constructing stealthy malware has gained increasing popularity among cyber attackers to conceal their malicious intent. Nevertheless, the constructed stealthy malware still fails to survive the reverse engineering by security experts. Therefore, this paper modeled a type of malware with an "unbreakable" security attribute-unbreakable malware (UBM), and made a systematical probe into this new type of threat through modeling, method analysis, experiments, evaluation and anti-defense capacity tests. Specifically, we first formalized the definition of UBM and analyzed its security attributes, put forward two core features that are essential for realizing the "unbreakable" security attribute, and their relevant tetrad for evaluation. Then, we worked out and implemented four algorithms for constructing UBM, and verified the "unbreakable" security attribute based on our evaluation of the abovementioned two core features. After that, the four verified algorithms were employed to construct UBM instances, and by analyzing their volume increment and anti-defense capacity, we confirmed real-world applicability of UBM. Finally, to address the new threats incurred by UBM to the cyberspace, this paper explored some possible defense measures, with a view to establishing defense systems against UBM attacks.