Friday, December 4, 2009

Proper Use of English Could Get a Virus Past Security

Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text

Johns Hopkins University security researcher Josh Mason says hackers could potentially evade most existing antivirus programs by hiding malicious code within ordinary text. Mason and colleagues have discovered how to hide malware within English-language sentences. Mason developed a way to search a large set of English text for combinations of words that could be used in malicious code.

This potential weakness has been recognized in the past, but many computer security experts believed that the rules of English word and sentence construction would make executing an attack through the English language impossible. Machine code requires the use of character combinations not usually seen in plain text, such as strings of mostly capital letters.

University College London security researcher Nicolas Courtis says malicious code hidden in plain language would be "very hard if not impossible to detect reliably." Mason and colleagues presented their research at the recent ACM Conference on Computer and Communications Security, but were careful to omit some of their methodology to avoid helping potential hackers.

I'd be astounded if anyone is using this method maliciously in the real world, due to the amount of engineering it took to pull off.

Refer here to read more details.

No comments: