ABSTRACT
In recent years, malicious software (malware) has become one of the most
insidious threats in computer security, having been used, in its various
forms, with a high level of success for a myriad of nefarious purposes. However,
this is arguably not the result of increased sophistication in malware design
or attack strategies, but rather of the increased presence of computers and
computer networks within every aspect of society, offering an increased number
of services through increasingly complex and vulnerability-ridden software.
In this presentation, we will address and defend the commonly shared point of
view that the worst is very much yet to come. We introduce an aim-oriented
performance theory for malware and malware attacks, within which we identify
some of the performance criteria for measuring their “goodness” with
respect to some of the typical objectives for which they are currently used.
We also use the OODA-loop model, a well-known paradigm of command and control
borrowed from military doctrine, as a tool for organising (and reasoning about)
the behavioural characteristics of malware and orchestrated attacks using it.
We then identify and discuss particular areas of malware design and deployment
strategy in which very little development has been seen in the past, and that
are likely sources of increased future malware threats. Finally, we discuss
how standard optimisation techniques could be applied to malware design, in
order to allow even moderately equipped malicious actors to quickly converge
towards optimal malware attack strategies and tools fine-tuned for the current
Internet.
(This is joint work with Pierre-Marc Bureau)
BIOGRAPHY
Dr. Fernandez has been an assistant professor in the Department of Computer
Engineering at the École Polytechnique de Montréal since 2004.
His main area of research is computer network security and Web application
security. He teaches the introductory 4th-year computer-security course, a class that
is now mandatory for all students in the computer and software engineering
programmes at Polytechnique. He has several years of professional experience
as a practitioner of Information Security in both industry and government. He
is a member of the board of the Association de la sécurité de
l'information du Montréal Métropolitain (ASIMM), a not-for-profit
organisation of more than 250 IS security professionals in the Montreal region,
where he is responsible for conferences and professional development events.
He is also an Engineer and member of the Ordre des ingénieurs du
Québec. He holds two Bachelor's degrees in Mathematics and Computer
Engineering from MIT, a Master's in Cryptology from the University of Toronto
and a Ph.D. in Quantum Computing from the Université de Montréal.