Asset Details
Do you wish to reserve the book?
PrEP: A Framework for Malware and Cyber Weapons
Hey, we have placed the reservation for you!
By the way, why not check out events that you can attend while you pick your title.
Oops! Something went wrong.
Looks like we were not able to place the reservation. Kindly try again later.
Are you sure you want to remove the book from the shelf?
PrEP: A Framework for Malware and Cyber Weapons
Do you wish to request the book?
PrEP: A Framework for Malware and Cyber Weapons
Please be aware that the book you have requested cannot be checked out. If you would like to checkout this book, you can reserve another copy
We have requested the book for you!
Your request is successful and it will be processed during the Library working hours. Please check the status of your request in My Requests.
Oops! Something went wrong.
Looks like we were not able to place your request. Kindly try again later.
Conference Proceeding
PrEP: A Framework for Malware and Cyber Weapons
2014
Overview
The contemporary debate over cyber security rests on a set of linguistic artifacts that date from the Cold War. Attempting to glean a starting point for debate over use of terms like \"cyber attack\" or \"cyber war\" is difficult, largely because of lack of agreement on what constitutes a weapon in cyberspace, be it \"weaponized code\" or black hats with root access. For information security professionals, this has led to a proliferation of taxonomies tied to particular vendor anti- virus systems. To social science researchers and the policy community, the result has been unclear definitions and vague terminology, which hinder academic progress and the development of effective policy. This paper offers a modular approach to define malware and classify cyber weapons using the PrEP framework of Propagation Method, Exploit, and Payload. A Propagation Method (Pr) is the means by which a weapon is inserted into a target network or system, such as an infected USB stick or email carrying a compromised attachment. An Exploit (E) is code designed to exploit some aspect of a software system which allows third parties to effect unintended operations or consequences. A Payload (P) is the heart of a cyber-weapon: software written to achieve a particular goal such as stealing password files or deleting documents. As developed in this paper, a Cyber Weapon is the combination of three software components: a Propagation Method, one or several Exploits, and a Payload designed to create destructive physical or logical effects. Defining malware requires a difficult combination between technical specificity and conceptual breadth. The PrEP framework attempts to balance these concerns while building out a set of concepts useful to both research and policy communities.
