What if a virus could change its appearance each time it infects a machine? What if a virus used your own files against you by ransacking your computer programs for the bits of code it needs? Judging from the progress made on the Frankenstein virus, a venture sponsored by the US Air Force, that may soon be a reality.
Developed by two professors at the University of Texas at Dallas, New Scientist says the Frankenstein virus is essentially a program compliler with directions about the algorithms it needs to assemble. Once unpacked and functional, it begins searching the software on your computer for the code it needs — generally taking little snippets called gadgets. These gadgets are written to perform specific actions and thus can be transposed over to another program more easily. The researchers only had the Frankenstein virus create two simple algorithms as a proof of concept, but they believe it can assemble any program, including full-scale malware.
Although there have been other viruses that can change their code in a similar way, Frankenstein is believed to be more dangerous because it can also change every aspect of itself to hide on your computer.
Frankenstein is different because all of its code, including the blueprints and gadget-finder, can adapt to look like parts of regular software, making it harder to detect. Just three pieces of such software are enough to provide over 100,000 gadgets, so there are a huge number of ways for Frankenstein to build its monster, but it needs blueprints that find the right balance. If the blueprint is too specific, it leaves Frankenstein little choice in which gadgets to use, leading to less variation and making it easier to detect. Looser blueprints, which only specify the end effects of the malware, are too vague for Frankenstein to follow, for now.
Image: gualtiero boffi/Shutterstock