Supervisory control of malicious executables

Vir Phoha, Xin Xu, A. Ray, S. Phoha

Research output: Contribution to journalConference article

Abstract

This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.

Original languageEnglish (US)
Pages (from-to)1065-1070
Number of pages6
JournalIFAC Proceedings Volumes (IFAC-PapersOnline)
Volume36
Issue number5
DOIs
StatePublished - Jan 1 2003
Event5th IFAC Symposium on Fault Detection, Supervision and Safety of Technical Processes, Safeprocess 2003 - Washington, United States
Duration: Jun 9 1997Jun 11 1997

Fingerprint

Viruses
Controllers
Formal languages
Experiments

Keywords

  • Automata theory
  • Detection systems
  • Discrete event system
  • Software safety
  • Supervisory control

ASJC Scopus subject areas

  • Control and Systems Engineering

Cite this

Supervisory control of malicious executables. / Phoha, Vir; Xu, Xin; Ray, A.; Phoha, S.

In: IFAC Proceedings Volumes (IFAC-PapersOnline), Vol. 36, No. 5, 01.01.2003, p. 1065-1070.

Research output: Contribution to journalConference article

Phoha, Vir ; Xu, Xin ; Ray, A. ; Phoha, S. / Supervisory control of malicious executables. In: IFAC Proceedings Volumes (IFAC-PapersOnline). 2003 ; Vol. 36, No. 5. pp. 1065-1070.
@article{418da1c2c3de44d7812e8eaa8518b762,
title = "Supervisory control of malicious executables",
abstract = "This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.",
keywords = "Automata theory, Detection systems, Discrete event system, Software safety, Supervisory control",
author = "Vir Phoha and Xin Xu and A. Ray and S. Phoha",
year = "2003",
month = "1",
day = "1",
doi = "10.1016/S1474-6670(17)36634-X",
language = "English (US)",
volume = "36",
pages = "1065--1070",
journal = "IFAC-PapersOnLine",
issn = "2405-8963",
publisher = "IFAC Secretariat",
number = "5",

}

TY - JOUR

T1 - Supervisory control of malicious executables

AU - Phoha, Vir

AU - Xu, Xin

AU - Ray, A.

AU - Phoha, S.

PY - 2003/1/1

Y1 - 2003/1/1

N2 - This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.

AB - This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.

KW - Automata theory

KW - Detection systems

KW - Discrete event system

KW - Software safety

KW - Supervisory control

UR - http://www.scopus.com/inward/record.url?scp=85064459630&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85064459630&partnerID=8YFLogxK

U2 - 10.1016/S1474-6670(17)36634-X

DO - 10.1016/S1474-6670(17)36634-X

M3 - Conference article

AN - SCOPUS:85064459630

VL - 36

SP - 1065

EP - 1070

JO - IFAC-PapersOnLine

JF - IFAC-PapersOnLine

SN - 2405-8963

IS - 5

ER -