This book deals with computer viruses considered from three different points of view, namely the theoretical fundamentals of computer virology, algorithmic and practical aspects of viruses and their potential applications to various areas. The theoretical formalization by means of Turing machines, self-reproducing automata and recursive functions enables a precise and exhaustive description of the different types of malware. It follows that the main stakes of computer defense and antiviral fighting are easily highlighted. Detailed analysis of the source code for representative members of each virus/worm family allows the reader to grasp the basic algorithmic aspects involved in self-reproducing codes. The C programming language has been systematically used for a better understanding of the considered codes.
The purpose of this book is to propose a teaching approach to understand what computer viruses really are and how they work. To do this, three aspects are covered, ranging from theoretical fundamentals to practical applications and technical features; fully detailed, commented source codes of viruses as well as inherent applications are proposed. So far, the applications-oriented aspects have hardly ever been addressed in the scarce existing literature devoted to computer viruses.
The obvious question that may come to the reader’s mind is: why did the author write on a topic which is likely to offend some people? The motivation is definitely not provocation; the original reason for writing this book comes from the following facts. For roughly a decade, it turns out that antiviral defense finds it more and more difficult to organize and quickly respond to viral attacks which took place during the last four years (remember the problems caused by the release of worms, such as Sapphire, Blaster or Sobig, for example). There is a growing feeling among users – not to say among the general public – that worldwide attacks give antivirus developers too short a notice. Current viruses are capable of spreading substantially faster than antivirus companies can respond.
As a consequence, we can no longer afford to rely solely on antivirus programs to protect against viruses, and the knowledge in the virus field is wholly in the hands of the antiviral community, which is totally reluctant to share it. Moreover, the problems associated with antiviral defense are complex by nature, and technical books dedicated to viruses are scarce, which does not make the job easy for people interested in this ever-changing field.