Rafail Ostrovsky - Publications

Provably Secure Virus Detection:Using the Observer Effect Against malware

Richard J Lipton, Rafail Ostrovsky, Vassilis Zikas


Protecting software from malware injection is one of the biggest challenges of modern computer science. Despite intensive efforts by the scientific and engineering community, the number of successful attacks continues to increase. This work sets first footsteps towards a provably secure investigation of malware detection. We provide a formal model and cryptographic security definitions of attestation for systems with dynamic memory, and suggest novel provably secure attestation schemes. The ley idea underlying our schemes is to use very insertion of the malware itself to allow for the systems to detect it. This is in our opinion, close in spirit to quantum Observer Effect. The attackers, no matter how clever, no matter when they insert their malware,change the state of the system they are attacking. This fundamental idea can be a game changer. And our system does not rely on heuristics ; instead our scheme enjoys the unique property that it is proved secure in a formal and precise mathematical sense and with minimal and realistic CPU modification achieves strong provable security guarantees. We envision such systems with a formal mathematical security treatment as a venue for new directions in software protection.

comment: ICALP 2016: 32: 1-32:14

Fetch PDF file of the paper

Back to Publications List