Maximize
Bookmark

VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

AMCW - A New Weapon for the New Millennium

Sung Yang
September 1999

[Back to index] [Comments]
"A popular fantasy is to suppose that flying machines could be used to drop dynamite on the enemy in time of war."
William Henry Pickering, 1908
"The aeroplane is the invention of the devil and will never play any part in such a serious business as the defence of a nation."
Sir Sam Hughes, Minister of National Defence, Canada, 1914

WHAT IS AMCW?

Autonomous Mobile Cyber Weapon (AMCW) is a novel type of computer organism (viruses or worms) that is capable of cruising and is designed for or usable in cyber wars or espionage. Conventional viruses or worms are considered autonomous and mobile, however, they're not practicable as a defense tool and have no significant threat as an offensive tool due to lack of sophistication in movement, the inability to cruise. Thus, programs including conventional computer viruses that don't have ability to cruise are excluded from AMCW.

AMCW may be applicable to defense, intelligence and surveillance. For example, police may use AMCW to monitor activity of drug cartel, gangs, and other illicit groups. AMCWs don't seem to exist in this moment, however, the existence is very likely in near future.

PROBLEM IN MILITARY APPLICATION OF COMPUTER VIRUSES

Military application of viruses could have long been sought, however, the biggest problem that prevented or limited military use was the poor movement of viruses. (viruses also refer to worms) The movement of conventional viruses is primitive that all existing computer viruses don't have an ability to move toward specific destinations as they only have wandering ability as self-movement. So conventional viruses are spread all over the place after releasing. The movement that conventional computer viruses have is wandering as self-activated movement. In fact, the movement of viruses isn't intentional but natural effect of growth in number (reproduction). If a virus is launched against adversaries, the virus will spread everywhere that the virus can infect and harm whether adversaries or allies. So everyone knows that releasing a virus for a military operation isn't a smart idea unless the virus is directly delivered into adversaries computer systems. Delivery and duplication are another means of virus movements, and is distinguished from self-movement of viruses, such as wandering. They're called nonself-movement. The nonself-movement, especially delivery, opens the potentiality of defense application for viruses. Otherwise, there is no hope at all for defense use of conventional virus. Since the movement of viruses are so poor and primitive, cyber soldiers may penetrate and deliver viruses into adversaries' computer system during cyber conflicts or deliver them into adversaries by alternative means. However, the virus not only infect adversary's computer systems but would spread all over the world unless detected and removed.

In fact, many existing viruses are written poorly. Viruses are known to be written for someone's emotional satisfaction by his spare time with his limited resource and knowledge in computer science and technology.

Computer virus is one of the things about which we may have big confidence but we may know little. No research institutes or academic institutes known to engage in computer virus research. The major research activities are analysis of newly captured viruses' compositions to find binary sequence; and development of virus scanners that can recognize the binary sequence in response to the demands form the marketplace. Misinformation and poor understanding on viruses are prevalence. The primitiveness in movement and poor craftsmanship of virus may have made us to believe, viruses are trivial and defense application of the triviality, computer viruses, is more like a scientific fiction. And our poor understanding and knowledge in viruses also lead us to think that viruses will continue to remain trivial and there is no room to grow for them and a number of simple technologies are only options to be used for designing and developing viruses and other computer organisms such as worms. As a result of these false beliefs, far inadequate attention has been given on defense application of viruses. The vulnerability of information systems as result of such application is also not considered.

VIRUS MOVEMENT RESEARCH

A recent research into computer virus movement has shown a novel property of virus (a behavior of virus), cruise. The discovery tells that computer viruses can have ability to travel from a source to specifically defined or aimed destination themselves. Conventional viruses or worms neither have specifically define destinations to be arrived nor have sophisticated movement of traveling from a source to a defined or aimed destination. Conventional viruses or worms may still be able to spread from a source to other computers, however, the chance of a virus that was released from a source and arrive at an aimed destination is very low or near to zero. Conventional viruses or worms spread in all directions without aimed or defined destinations, however, a virus with cruise property has clearly defined destinations and travel along the best route. Thus, it makes very efficient trip from a source to the destination.

It means that a computer virus that has cruise ability can be launched and it can autonomously travel to a specifically defined or aimed destinations over computer networks, e.g. the Internet. The biggest obstruction in defense use of conventional virus as an autonomous mobile weapon was the inability to cruise, however, the research showed that virus can have the sophisticated movements of cruise from a source to defined or aimed destinations. This implies that defense use of viruses is feasible as an autonomous mobile cyber weapon. The research also revealed the fact that our computer systems including computer systems in defense and business sectors are vulnerable by attacks using such cyber weapon. The cruise is yet novel concept in computer science, antivirus industry, and in defense research. There was previously no discussion or research on the concept of cruise.

Viruses are still remained as the symbol of vandalism on computer systems or cyberspace. And no one yet gives adequate attention on the vulnerabilities due to advanced movement of viruses, which is very feasible and is expected to be emerged. The potentiality of viruses is a part of our ignorance, now. Our lack of understanding on viruses has prevented us from using it as defense tools, and our limited imagination prevents us to find some other good applications of computer viruses and other computer organisms.

WHAT DOES 'AUTONOMOUS' MEAN?

Autonomy gives high productivity and purchasability. AMCW could replace cyber soldiers (a person, especially with hackers' skills and knowledge, who engages in wars, conflicts and/or espionage in cyberspace) can carry out tasks more effectively instead of manual operations by cyber soldiers or even assist cyber-solders. AMCW can work 24 hours a day and everyday without rest. Since AMCW is a type of computer organism, they can easily reproduce themselves to increase productivity or chances of accomplishing their goals.

WHAT DOES 'MOBILE' MEAN?

Self-movement of AMCW can provide untraceability and multiplication characteristics. As an autonomous weapon, the untraceability makes the sender or owner of AMCW anonymous.

IS AMCW PRACTICABLE?

Any mobile program such as viruses or worms only showed aimless and random movements; the movements are very inefficient. So viruses were never be able to reach an aimed computer unless delivered by some one or other means. If it were possible, so far why wouldn't we have seen any? Does it mean AMCW is impracticable?

The probability of a conventional virus reaching an aimed or desired destination would be near to zero. For example, someone releases a virus in hoping to reach a specifically aimed computer in other country. The virus will tend to grow in number and be spreading to all over the world. In some point, one of them will be captured and analyzed. This will lead to a development of the detection and removal means against the virus and the rest of them before further grow and spread. Thus, for a conventional virus reaching an aimed destination appears to be impracticable.

No programs even demonstrated the capability of aiming specific computers. Since AMCW is a type of computer organism, and the chance of reaching an aimed destination seems to be near zero. Then is AMCW impracticable?

WHY AMCW IS PRATICABLE

No programs have shown the capability of aiming specific computers because of all conventional viruses or worms have wandering as self-movement. In order to have the aiming capability for a virus, either cruise or hunt movement is required.

For the most computer organisms, the movement of viruses or worms, in fact, come from nonself-movements, duplication and delivery. Self-activated moving capability is too weak usually can not even escape a computer by themselves. Most viruses did not move themselves but we still infected by viruses because they were delivered or duplicated. For example, we accidentally share a virus contaminated document or disks, also download infected programs. In this time of writing, 97, the most powerful self-movement we ever seen was the Internet Worm, which demonstrated powerful self-movement from a machine to hundreds of other machines in few days. Despite of the powerful ability of the self-movement, it was not considered sophisticated. The movement was random and aimless. We may witness more powerful self-movement, however, programs can not efficiently travel to an aimed destination by themselves without cruise property. No conventional viruses have cruise property, exhibiting the ability of aiming specific computers, however, a virus with cruise property can exhibit the ability of aiming specific computers.

Previously, the chance of reaching an aimed destination is considered almost zero, however, a virus with cruise ability has very high chance of success. Any virus that has neither cruise nor hunt ability tend to spread all over the machines. Each machine has its own immunity. Some computer has high immunity while others have low immunity against viruses or other computer organisms. (Usually computers do not have immunity against newly created viruses, however, once the viruses are analyzed, computers will begin to have immunity against the viruses.) The more wide spread a virus, the easier to discover the virus and analyze for immunity of computers. Thus, conventional computer viruses are, in fact, very easier to capture since large population of a particular kind of virus is likely available as they grows in number continuously. However, AMCW or a virus that has cruise ability is very different in their movement. AMCW neither tend to spread all over the machines nor world but take the weakest computers in immunity to make trip to an aimed destination. Thus, the sophisticated movement of AMCW makes big difference in accomplishing trips from a source to a destination.

A program (virus or worm) can have very efficient movement to aimed destinations. What makes such sophisticated movement possible is 'cruise'. Cruise is an alternative self-movement to wandering, is the most efficient movement from a source to an aimed or defined destination. For example, a virus that is designed to travel to a specific destination would take the best path, which provides the highest chance of accomplishing trips, among a number of available paths.

In order to make forceful movement from a computer to another, it may use emailing method and/or password break. A virus will be emailed with forged sender identity to an aimed destination or the virus penetrate into the destination by breaking password. The forceful self-movement (across computers) from a computer to another had been demonstrated by the Internet Worm (1988) and Christmas Card (1987). And password cracking programs (Crack, CrackerJack, etc.) and password sniffing programs exhibit some technique and the feasibility of obtaining passwords. These techniques may be used to make forceful self-movements for AMCW.

HOW HAS AMCW BEEN COINED?

It's been ignore that a program can make sophisticate and intentional travel to an aimed destination in electronic networks, however, a research into movement of viruses unlocked the nature of the movement.

DO WE NEED AMCW?

Little more than a century ago, most people didn't believe a machine could fly, and thinking of application of the flying machines was nonsense. Nowadays, the flying machines became true and necessary transportation means. Why do we need AMCW or programs that travel across electronic networks?

AMCW has great potential as sophisticated and powerful defense tool for use of patrol, surveillance, intelligence, law enforcement and defense against crime, violence and war. However, the uses of AMCW by illicit groups against government and legitimate organizations and individuals are not prohibitive like a gun, which may be carried by a law enforcement agent while it could also be used by someone against law.

IS IT POSSIBLE AN INDIVIDUAL USE AMCW TO TARGET SOMEONE ANONYMOUSLY?

The use of AMCW would not be limited to organizations but individuals with relatively simply and less sophisticated AMCW. It could be very possible that a simple AMCW that was designed to target against someone for even malicious purpose. This would be even much easier to succeed in this moment because currently antiviral efforts are mainly focused on viruses that move by duplication, delivery and wandering but cruise. So there is a security hole for an malicious AMCW to strike innocent individuals especially on the Internet. AMCW can be maliciously designed to sniff passwords and obtain data in someone else's computer, and much more.

HOW TO PREVENT?

Since AMCW has sophisticated movement, it doesn't tend to spread so AMCW isn't as popular as conventional viruses, so it makes difficult to obtain samples to analyze. The sample analysis is critical to develop the virus detection means. Prevention and detection of AMCW has quite different concern contrary to the conventional viruses. Should we try to detect an AMCW that police launched for surveillance against illicit organizations?

HOW MUCH THE R&D OF AMCW PROGRESSED?

No research has been known to be conducted other than by Sung Yang (myself in 1997), and his research has shown cruise, which is the most important to know about feasibility of AMCW. His current research doesn't necessarily aim on development of AMCW but focused on the movement of computer organisms, and tells what factors that affect chance of accomplishing cruise for AMCW.

In order to develop general purpose AMCW, there should be more research dedicated on the particular AMCW issues, for example, how to make cyber-map along which AMCW makes movements. In this sense, AMCW is not far from its birth.

WHO IS MAKING AMCW?

No one has reportedly been engaging in such activity (in 1997). Since it has commercial value and use, AMCW may be built by commercial organizations in collaboration with research institutes. It's unknown who is currently making AMCW. So far, AMCW is considered not yet exist (in this time, 1997). However, defense contractors and many software companies are capable of carrying such experiments and developments while universities or research institutes could engage in research to support development of AMCW. In the 21st century, it is very likely that every nation employs AMCW.

HOW TO DEVELOP AMCW?

In order to develop the first practicable AMCW for general purpose and multiple destinations, it would require substantial efforts and cost in research, experiments and development by a number of scientists and software engineers in a period of few years, contrary to the writing conventional viruses in few days or weeks. However, AMCW aiming an easy destination for a special purpose would neither require complexity nor high cost. There are enough information already available to construct simple AMCW for capable persons or organizations.

MOVEMENT OF VIRUSES

Viruses move in two different ways due to two different causes of movement coming from internal and external sources. Virus movement that is caused by internal cause is self-movement (or self-activated movement), and virus movement caused by an external factor is nonself movement. Normally virus movement refers to self-movement.

Nonself-movement is subdivided into delivery and duplication. Delivery is a type of nonself-movement, and doesn't involve growth of a virus in number as a result of movement, but delivery of storage media such as disks, ROM, and other storage media. Duplication is another nonself means of movement, including emailing, downloading, uploading, etc. Nonself movement is discussed later.

Wandering has been the most known form of self-movement. Wandering is random and nondirected movements. Worms like Christmas Card and Internet Worm exhibit wandering. All other known viruses also have wandering property. However, the ability of self-movement is very weak, most of the time, they even could not escape out of a computer on their own. Cruise is a kind of self-movement known since 1996, and is the directed movement from a source to a defined destination

AMCW AND CYBERSHIP

A cybership is a program (a virus or worm) that is capable of cruising. AMCW is simply a cybership that is designed for or usable in conflicts, wars, and espionage in cyberspace.

LEGAL ASPECT OF AMCW

(Does anyone know about this topic?)

[Back to index] [Comments]
By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! vxheaven.org aka vx.netlux.org
deenesitfrplruua