Viruses - Undergraduate Project

I'm a computer science undergraduate student interested in doing my
final year project regarding viruses. The project needs to be done in
a team of 4 students and will go on for about an year, and it has to
have both academic value and and end product to present. Though I
really wish to do a project in the area of viruses, detection of
viruses, mutaion engines, etc, I can't find or think of any suitable
project ideas that would suit the criteria. So I wonder if anyone can
present some ideas that would make a suitable project?

Re: Viruses - Undergraduate Project

"black0fire@gmail.com" wrote in
news:1179986024.333925.284720@o5g2000hsb.googlegroups.com:

> I'm a computer science undergraduate student interested in doing my
> final year project regarding viruses. The project needs to be done in
> a team of 4 students and will go on for about an year, and it has to
> have both academic value and and end product to present. Though I
> really wish to do a project in the area of viruses, detection of
> viruses, mutaion engines, etc, I can't find or think of any suitable
> project ideas that would suit the criteria. So I wonder if anyone can
> present some ideas that would make a suitable project?
>
>

Hmm. What about a Malware scanner? You can find samples to study easily
enough. The academic value will be in learning the details of the windows
registry, and file system as well as what various system files do and are
used for. The end product will be the scanner that's able to detect and
succesfully remove the samples you'll find if you look around.



--
Dustin Cook
Author of BugHunter - MalWare Removal Tool - v2.2c
email: bughunter.dustin@gmail.com.removethis
web..: http://bughunter.it-mate.co.uk
Pad..: http://bughunter.it-mate.co.uk/pad.xml

Re: Viruses - Undergraduate Project

"black0fire@gmail.com" wrote:

> I'm a computer science undergraduate student interested in doing
> my final year project regarding viruses.

What school would devote so much of an undergraduate curriculum to
viruses?

What textbooks are even available that give detailed operational
information to recent virus families?

Viruses are product and OS specific and don't justify credible
academic study, let alone at the undergraduate level. Viruses are the
result of attempts to leverage known vulnerabilities in commercial
software. Such specificity does not make them worthy of academic
study. Viruses do not employ concepts that you would normally
implement in non mal-code for legit reasons.

How much are you paying for your computer science tuition? What
employers are going to be impressed that you spent a year of your CS
degree fooling around with pseudo-viral code?

There are far more basic concepts in computer science that you should
be learning.

The only thing you should be learning in computer science with respect
to malware is how to write code that is not vulnerable to malware,
such array bounds checking, correct parameter parsing and handling,
etc.

If colleges and universities integrate the "study" of viruses into
their course material, then why not the study of satellite card
hacking? DSS and AACS video hacking and decryption?

Just because it's popular doesn't mean it's science.

Re: Viruses - Undergraduate Project

"black0fire@gmail.com" (07-05-23 22:53:44):

> I'm a computer science undergraduate student interested in doing my
> final year project regarding viruses. The project needs to be done in
> a team of 4 students and will go on for about an year, and it has to
> have both academic value and and end product to present. Though I
> really wish to do a project in the area of viruses, detection of
> viruses, mutaion engines, etc, I can't find or think of any suitable
> project ideas that would suit the criteria. So I wonder if anyone can
> present some ideas that would make a suitable project?

Well, since you have picked such a popular topic, there isn't much left
to write about. If you have proper knowledge, including how they work
and how to write your own, don't waste your time with collecting
information that is well-known anyway. Be creative. A few questions
you could address:

What are future viruses going to look like?
How will they work?
In what way will they be different?
What will their purposes be?
Which new technologies will be used/abused?
Why is writing a virus much easier than detecting it?

In the past, viruses were written to pop up a funny message once in a
while or otherwise confuse the user. Very few viruses (I reckon less
than 10%) were destructive. Now viruses tend to have social or even
economic purposes. In what ways can viruses be used criminally?

Another interesting point is the psychological view. Why are there
botnets with millions of bots? A lot of people don't care much about
security; why? Will that change? In what way will it change? How
could we promote security?


Regards,
Ertugrul Söylemez.


--=20
Security is the one concept, which makes things in your life stay as
they are. Otto is a man, who is afraid of changes in his life; so
naturally he does not employ security.

Re: Viruses - Undergraduate Project

black0fire@gmail.com wrote:
> I'm a computer science undergraduate student interested in doing my
> final year project regarding viruses. The project needs to be done in
> a team of 4 students and will go on for about an year, and it has to
> have both academic value and and end product to present. Though I
> really wish to do a project in the area of viruses, detection of
> viruses, mutaion engines, etc, I can't find or think of any suitable
> project ideas that would suit the criteria. So I wonder if anyone can
> present some ideas that would make a suitable project?

the obvious project idea would be some kind of malware detector (since
you're required to have an end product) but i'm not sure what you could
accomplish in a year would be all that interesting (at least not if you
went the known-malware scanner route - maybe if you looked at heuristics
or some other alternative technology)...

a less obvious but perhaps more interesting angle might be automated
malware analysis/classification...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Viruses - Undergraduate Project

Virus Guy wrote:
[snip]
> Viruses are product and OS specific and don't justify credible
> academic study,

tell that to fred cohen...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Viruses - Undergraduate Project

"kurt wismer" to Virus Guy:

> [snip]
>> Viruses are product and OS specific and don't justify credible
>> academic study,
>
> tell that to fred cohen...

Virus Guy is mostly right there, though he somewhat overstated
the case that there is nothing of academic worth in studying
computer virus, or more generally malware, related issues.

That said however, note the dearth of _significant_ virus or
malware related PhD theses presented since Fred's. When it
comes to the theoretically significant aspects of computer
viruses, Fred pretty wrote the book and put the _academic_
field to bed all in one move.

Of course, various "populists" have come along since, offering
various courses of questionable academic and/or pedagogical
value, but which I'm sure have produced nice economic returns
to their hosting institutions because of the "sexiness" of
(superficially) studying hot-button topics. However, such
economic "success" does not make those studies worthwhile. If
you need to spend more than a few minutes of your entire life
pondering the theoretical, academic and practical significance
of "runs arbitrary code on the target computer", then CS is
clearly the wrong field for you...


--
Nick FitzGerald

Re: Viruses - Undergraduate Project

"kurt wismer" to black0fire@gmail.com:

>> I'm a computer science undergraduate student interested in doing my
>> final year project regarding viruses. The project needs to be done in
>> a team of 4 students and will go on for about an year, and it has to
>> have both academic value and and end product to present. Though I
>> really wish to do a project in the area of viruses, detection of
>> viruses, mutaion engines, etc, I can't find or think of any suitable
>> project ideas that would suit the criteria. So I wonder if anyone can
>> present some ideas that would make a suitable project?
>
> the obvious project idea would be some kind of malware detector (since
> you're required to have an end product) but i'm not sure what you
> could accomplish in a year would be all that interesting (at least not
> if you went the known-malware scanner route - maybe if you looked at
> heuristics or some other alternative technology)...
>
> a less obvious but perhaps more interesting angle might be automated
> malware analysis/classification...

Agreed. Taking on even a most basic detector with four folk for
a year doesn't provide much scope to do anything much useful, but
taking one of Kurt's suggestions and looking at gluing such
functionality into ClamAV would save you the drudgery of having to
do much of the "run of the mill" stuff of developing a scanner (as
that code is already there, albeit in fairly rudimentary form much
of the time). This may also have the side-effect of actually
introducing something truly worthwhile into ClamAV...

Finally, for the OP, it seems that this is an area well outside the
gambit of your chosen institution and its instructors. If your
motivation for doing something "regarding viruses" is that you think
you want to work in the AV field, you should have considered doing
a summer internship at one of the AV companies to get more of a feel
for the kinds of things of most relevance to them. As that is
presumably no longer an option, rather than doing something
"regarding viruses" you may do better to find an area of CS that is
of significant interest to one of your profs but that can clearly be
tied back to something of relevance to AV, even if that use is not
to your prof's interest.


--
Nick FitzGerald

Re: Viruses - Undergraduate Project

Well, I've done a bit of research, and, for reasons mostly already
pointed out in this thread, I'm now thinking for going for something
else. Like Nick and others have pointed out, I don't really see
anything novel that can be done at the undergraduate level, and I've
got some ideas from regarding AI and Gaming, so I think I'll start
looking at that side. But thanks for the posts anyway guys, learned a
lot from them.

And VirusGuy, lighten up.

p.s. One question for Nick - you said "If you need to spend more than
a few minutes of your entire life pondering the theoretical, academic
and practical significance of "runs arbitrary code on the target
computer", then CS is clearly the wrong field for you... " - can you
elaborate on that? While I'm interested in Viruses, I think career
opportunities are kind of limited in that area - so its better kept as
a hobby?

On May 27, 6:51 am, "Nick FitzGerald"
wrote:
> "kurt wismer" to black0f...@gmail.com:
>
>
>
> >> I'm a computer science undergraduate student interested in doing my
> >> final year project regarding viruses. The project needs to be done in
> >> a team of 4 students and will go on for about an year, and it has to
> >> have both academic value and and end product to present. Though I
> >> really wish to do a project in the area of viruses, detection of
> >> viruses, mutaion engines, etc, I can't find or think of any suitable
> >> project ideas that would suit the criteria. So I wonder if anyone can
> >> present some ideas that would make a suitable project?
>
> > the obvious project idea would be some kind of malware detector (since
> > you're required to have an end product) but i'm not sure what you
> > could accomplish in a year would be all that interesting (at least not
> > if you went the known-malware scanner route - maybe if you looked at
> > heuristics or some other alternative technology)...
>
> > a less obvious but perhaps more interesting angle might be automated
> > malware analysis/classification...
>
> Agreed. Taking on even a most basic detector with four folk for
> a year doesn't provide much scope to do anything much useful, but
> taking one of Kurt's suggestions and looking at gluing such
> functionality into ClamAV would save you the drudgery of having to
> do much of the "run of the mill" stuff of developing a scanner (as
> that code is already there, albeit in fairly rudimentary form much
> of the time). This may also have the side-effect of actually
> introducing something truly worthwhile into ClamAV...
>
> Finally, for the OP, it seems that this is an area well outside the
> gambit of your chosen institution and its instructors. If your
> motivation for doing something "regarding viruses" is that you think
> you want to work in the AV field, you should have considered doing
> a summer internship at one of the AV companies to get more of a feel
> for the kinds of things of most relevance to them. As that is
> presumably no longer an option, rather than doing something
> "regarding viruses" you may do better to find an area of CS that is
> of significant interest to one of your profs but that can clearly be
> tied back to something of relevance to AV, even if that use is not
> to your prof's interest.
>
> --
> Nick FitzGerald

Re: Viruses - Undergraduate Project

"black0fire@gmail.com" wrote:

> And VirusGuy, lighten up.

Why don't you look into a project that involves detecting or
mitigating spam?

Lots of CS concepts there. From the SMTP handshake to greylisting to
content heuristics, there are lots of aspects of spam detection and
spam deflection that could be explored from an academically worthy
point of view.

> p.s. One question for Nick - you said "If you need to spend more
> than a few minutes of your entire life pondering the theoretical,
> academic and practical significance of "runs arbitrary code on the
> target computer", then CS is clearly the wrong field for you... "
>
> - can you elaborate on that?

I think what he means is that in practically all cases, the action or
mechanism of a virus is to "run arbitrary code on the target
computer", which is not a particularly advanced concept from a
theoretical or academic point of view.

On the other hand, the task of scanning a file system against
thousands of data templates (virus definitions, for example) can
involve advanced CS theories and concepts in order to optimize the
task. How to search a haystack systematically for a needle, and do it
as fast as possible and do it without false positive or false negative
results.

Re: Viruses - Undergraduate Project

Nick FitzGerald wrote:
> "kurt wismer" to Virus Guy:
>
>> [snip]
>>> Viruses are product and OS specific and don't justify credible
>>> academic study,
>> tell that to fred cohen...
>
> Virus Guy is mostly right there, though he somewhat overstated
> the case that there is nothing of academic worth in studying
> computer virus, or more generally malware, related issues.
>
> That said however, note the dearth of _significant_ virus or
> malware related PhD theses presented since Fred's. When it
> comes to the theoretically significant aspects of computer
> viruses, Fred pretty wrote the book and put the _academic_
> field to bed all in one move.
>
> Of course, various "populists" have come along since, offering
> various courses of questionable academic and/or pedagogical
> value, but which I'm sure have produced nice economic returns
> to their hosting institutions because of the "sexiness" of
> (superficially) studying hot-button topics.

hmmm... i considered following up with "maybe i should have said tell
that to richard ford", but given the above, perhaps that's not good
enough...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Viruses - Undergraduate Project

"kurt wismer" wrote:

> hmmm... i considered following up with "maybe i should have said tell
> that to richard ford", but given the above, perhaps that's not good
> enough...

I'd be surprised if Dicky's courses are not worthwhile and largely
beyond my "populist" tag -- I had some rather more egregious examples
in mind involving folk with no history of publishing anything in the
area before starting their courses and who were completely unknown
within antivirus research circles...


--
Nick FitzGerald

Re: Viruses - Undergraduate Project

wrote:

> p.s. One question for Nick - you said "If you need to spend more than
> a few minutes of your entire life pondering the theoretical, academic
> and practical significance of "runs arbitrary code on the target
> computer", then CS is clearly the wrong field for you... " - can you
> elaborate on that? While I'm interested in Viruses, I think career
> opportunities are kind of limited in that area - so its better kept as
> a hobby?

Mainly what "Virus Guy" said.

Viruses, and most malware in general, are not a particularly significant
_academic_ issue. As I said, Fred Cohen "wrote the book" on the theory
surrounding such, and as I suggested, it pretty much did the whole field
to death at the same time, as there has been very little of academic
interest, much less significance, since.

The pragmatics of implementing the technology needed to realize what the
theory tells us we should do to thwart viruses is also not terribly
interesting or pedagogically significant (from the perspective of the
idealized goals of academic tertiary education), and the pragmatics of
implementing the grossly flawed approach that has been almost
universally
adopted instead of what Cohen's work tells us is the only useful
approach
are only slightly more interesting, but again, I would argue, hardly the
basis of anything of tertiary academic significance.

Of course, if your objective is just that this should help you get a
job,
go to the best school you can afford that suckles heavily at the teat of
commercial expedience...


--
Nick FitzGerald

Re: Viruses - Undergraduate Project

Greetings.

It is true that much of the foundational work in the theoretical field
of computer viruses covered most of the areas of academic interest
pertaining to replicators. However, I think it is something of an
oversimplification to say that therefore the field does not have and
will never have any more academic significance. There are areas (such
as functional equivalence, or machine learning) which pose incredibly
difficult problems and which could be (and, to some extent are)
implemented by virus authors, and which are current areas of academic
research.

I think it is also erroneous to say that practical concerns hold no
interest in the academic world (not that any of the previous posters
were saying this; I merely wish to drive home a point). For example,
current research into wireless sensor networks is based almost
entirely around data collected from real-world applications. The
theoretical limits of ZigBee networks were established when the
standard was first introduced, but it is of great academic interest as
to the best way to deploy such networks and why - not to mention the
vast commercial interest in such solutions.

Further, I think that it is important to see the fact of computer
viruses as separate from the theoretical concept of building a certain
entity from basic building blocks, attuned to some environment, which
can replicate. Computers currently provide the only affordable,
easily understandable development platform for such entities, but it
is not hard to foresee the adoption of tailored viruses into the
biomedical arena in the near future. Current medication-based
treatment has been described as firing a gun into a dark room and
hoping that the bullet hits a rat.

All things considered, I think that viruses and the theory and
practice of their development and deployment will at some stage in the
future be a very hot research topic; but, most likely, not where they
relate to computers. So, yeah, it would probably serve you better to
choose a different topic. But, as for learning the ins and outs of
virus writing as a hobby, I would certainly encourage you. There is
no such thing as evil knowledge or information; while it is true that
the uses to which such knowledge can be put can have a very negative
impact, I think that all knowledge has the potential to have a very
positive impact.

Cheers,
disturbd.

Re: Viruses - Undergraduate Project

Remove the samples you'll find if you look around.
"Nick FitzGerald" wrote in message
news:l-qdnS5gmZv3TMXbnZ2dnUVZ_oOknZ2d@giganews.com...
> "kurt wismer" to Virus Guy:
>
>> [snip]
>>> Viruses are product and OS specific and don't justify credible
>>> academic study,
>>
>> tell that to fred cohen...
>
> Virus Guy is mostly right there, though he somewhat overstated
> the case that there is nothing of academic worth in studying
> computer virus, or more generally malware, related issues.
>
> That said however, note the dearth of _significant_ virus or
> malware related PhD theses presented since Fred's. When it
> comes to the theoretically significant aspects of computer
> viruses, Fred pretty wrote the book and put the _academic_
> field to bed all in one move.
>
> Of course, various "populists" have come along since, offering
> various courses of questionable academic and/or pedagogical
> value, but which I'm sure have produced nice economic returns
> to their hosting institutions because of the "sexiness" of
> (superficially) studying hot-button topics. However, such
> economic "success" does not make those studies worthwhile. If
> you need to spend more than a few minutes of your entire life
> pondering the theoretical, academic and practical significance
> of "runs arbitrary code on the target computer", then CS is
> clearly the wrong field for you...
>
>
> --
> Nick FitzGerald
>

Re: Viruses - Undergraduate Project

Lurker/newbie samantha wrote:

> Remove the samples you'll find if you look around.

What the hell does that mean?