TY - JOUR
T1 - Supervisory control of malicious executables
AU - Phoha, V. V.
AU - Xu, Xin
AU - Ray, A.
AU - Phoha, S.
N1 - Funding Information:
This work has been supported in part by the Army Research Office under Grant No. DAADI9-01-1-0646.
Publisher Copyright:
© 2003 International Federation of Automatic Control.
PY - 2003
Y1 - 2003
N2 - This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.
AB - This paper presents a systems-theoretic approach to profile, model, and control malicious executables in computer software. By treating the structural profile of malicious codes as a generator of formal languages, the language recognizer serves as a supervisory controller in the sense that the spread of malicious executables is arrested with the goal of making the virus ineffective. The theoretical foundation and the approach presented in this paper are applicable to a wide class of malicious executables. The controller can be designed as a separate program or as a background process to run on individual machines to monitor other processes. Simulation experiments on supervisory control of a file virus are presented as examples.
UR - http://www.scopus.com/inward/record.url?scp=85064459630&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85064459630&partnerID=8YFLogxK
U2 - 10.1016/S1474-6670(17)36634-X
DO - 10.1016/S1474-6670(17)36634-X
M3 - Conference article
AN - SCOPUS:85064459630
SN - 1474-6670
VL - 36
SP - 1065
EP - 1070
JO - IFAC Proceedings Volumes (IFAC-PapersOnline)
JF - IFAC Proceedings Volumes (IFAC-PapersOnline)
IS - 5
T2 - 5th IFAC Symposium on Fault Detection, Supervision and Safety of Technical Processes, Safeprocess 2003
Y2 - 9 June 1997 through 11 June 1997
ER -