Skip to main content
Springer Nature Link
Account
Menu
Find a journal Publish with us Track your research
Search
Saved research
Cart
  1. Home
  2. Journal in Computer Virology
  3. Article

A general definition of malware

  • Original Paper
  • Open access
  • Published: 29 September 2009
  • Volume 6, pages 105–114, (2010)
  • Cite this article

You have full access to this open access article

Download PDF
Save article
View saved research
Journal in Computer Virology Aims and scope Submit manuscript
A general definition of malware
Download PDF
  • Simon Kramer1 &
  • Julian C. Bradfield2 

  • 12k Accesses

  • 61 Citations

  • 4 Altmetric

  • Explore all metrics

Abstract

We propose a general, formal definition of the concept of malware (malicious software) as a single sentence in the language of a certain modal logic. Our definition is general thanks to its abstract formulation, which, being abstract, is independent of—but nonetheless generally applicable to—the manifold concrete manifestations of malware. From our formulation of malware, we derive equally general and formal definitions of benware (benign software), anti-malware (“antibodies” against malware), and medware (medical software or “medicine” for affected software). We provide theoretical tools and practical techniques for the detection, comparison, and classification of malware and its derivatives. Our general defining principle is causation of (in)correctness.

Article PDF

Download to read the full article text

Similar content being viewed by others

Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs

Chapter © 2021

Malware Defenses

Chapter © 2024

On Malfunction, Mechanisms and Malware Classification

Article 12 November 2018

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.
  • Computer Crime
  • Computer Ethics
  • General Logic
  • Legal Aspects of Computing
  • Principles and Models of Security
  • Virus
  • Machine Learning Techniques for Android Malware Detection

References

  1. Filiol, E., Helenius, M., Zanero, S.: Open problems in virology. J. Comput. Virol. 1(3–4) (2006)

  2. Kramer, S., Bradfield, J.C.: A general definition of malware. presented at the Workshop on the Theory of Computer Viruses (2008)

  3. Szor P.: The Art and Craft of Computer Virus Research and Defense. Addison-Wesley, Boston (2005)

    Google Scholar 

  4. Brunnstein, K.: From antivirus to antimalware software and beyond: another approach to the protection of customers from dysfunctional system behaviour. In: Proceedings of the National Information Systems Security Conference (1999)

  5. Virus Encyclopedia. http://www.viruslist.com/

  6. European Expert Group for IT-Security. http://www.eicar.org/

  7. Information Warfare Monitor. http://www.infowar-monitor.net/

  8. The Information Warfare Site. http://www.iwar.org.uk/

  9. Clarke E.M. Jr, Grumberg O., Peled D.A.: Model Checking. MIT Press, Cambridge (1999)

    Google Scholar 

  10. Bergstra J.A., Ponse A., Smolka S.A.: Handbook of Process Algebra. Elsevier, New York (2001)

    MATH  Google Scholar 

  11. Fitting M.: First-Order Logic and Automated Theorem Proving. Springer, New York (1996)

    MATH  Google Scholar 

  12. Harrison J.: Handbook of Practical Logic and Automated Reasoning. Cambridge University Press, Cambridge (2009)

    Book  MATH  Google Scholar 

  13. Necula, G.: Proof-carrying code. In: Proceedings of the ACM Symposium on Principles of Programming Languages (1997)

  14. Filiol E.: Les virus informatiques: théorie, pratique et applications, 2nd edn. Springer, France (2009)

    MATH  Google Scholar 

  15. Adleman, L.: An abstract theory of computer viruses. In: Proceedings of CRYPTO, vol. 403 of LNCS (1988)

  16. Cohen, F.: Computer viruses: Theory and experiments. J. Comput. Secur. 6 (1987)

  17. Dowling, W.F.: There are no safe virus tests. Am. Math. Mon. 96(9) (1989)

  18. Jacob, G., Debar, H., Filiol, E.: Behavioral detection of malware: from a survey towards an established taxonomy. J. Comput. Virol. 4(3) (2008)

  19. Bradfield, J., Stirling, C.: Handbook of Modal Logic, chapter Modal Mu-Calculi. (2007)

  20. Alberucci, L., Salipante, V.: On modal  μ-calculus and non-well-founded set theory. J. Philos. Log. 33(4) (2004)

  21. Bonfante, G., Kaczmarek, M., Marion, J.-Y.: On abstract computer virology from a recursion theoretic perspective. J. Comput. Virol. 1(3–4) (2006)

  22. Fisher, J.A., Henzinger, T.A.: Executable cell biology. Nat. Biotechnol. 25 (2007)

  23. Webster, M., Malcolm, G.: Formal affordance-based models of computer virus reproduction. J. Comput. Virol. 4(4) (2008)

  24. Weaver, N., Paxson, V., Staniford, S., Cunningham, R.: A taxonomy of computer worms. In Proceedings of the ACM workshop on Rapid malcode (2003)

  25. Goranko, V., Otto, M.: Handbook of Modal Logic, chapter Model Theory of Modal Logic. (2007)

  26. Dovier, A., Piazza, C., Policriti, A.: An efficient algorithm for computing bisimulation equivalence. Theor. Comput. Sci. 311(1–3) (2004)

  27. Salomon D.: Foundations of Computer Security. Springer, Berlin (2006)

    Google Scholar 

  28. Lawson, G.: On the trail of the Conficker worm. Computer (2009)

  29. Clarke, E., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement for symbolic model checking. J. ACM 50(5) (2003)

  30. Webster, M., Malcolm, G.: Detection of metamorphic and virtualization-based malware using algebraic specification. J. Comput. Virol. 5(3) (2009)

  31. Bonfante, G., Kaczmarek, M., Marion, J.-Y.: Architecture of a morphological malware detector. J. Comput. Virol. 5(3) (2009)

  32. Dalla Preda, M., Christodorescu, M., Jha, S.: A semantics-based approach to malware detection. ACM Transactions on Programming Languages and Systems 30(5) (2008)

  33. Blackburn, P., van Benthem, J., Wolter, F.: (eds.) Handbook of Modal Logic, Volume 3 of Studies in Logic and Practical Reasoning. Elsevier, Amsterdam (2007)

Download references

Acknowledgments

The first author thanks Jean-Luc Beuchat, Guillaume Bonfante, Johannes Borgström, Rajeev Goré, George Davida, Olga Grinchtein, Ciro Larrazabal, Mircea Marin, Lawrence S. Moss, Prakash Panangaden, Sylvain Pradalier, Daniel Reynaud-Plantey, Vijay Varadharajan, and Matt Webster for delightful discussions.

Open Access

This article is distributed under the terms of the Creative Commons Attribution Noncommercial License which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

Author information

Authors and Affiliations

  1. Ecole Polytechnique and INRIA, Palaiseau, France

    Simon Kramer

  2. University of Edinburgh, Edinburgh, UK

    Julian C. Bradfield

Authors
  1. Simon Kramer
    View author publications

    Search author on:PubMed Google Scholar

  2. Julian C. Bradfield
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Simon Kramer.

Additional information

Simon Kramer’s contribution was initiated in the Comète group at Ecole Polytechnique and INRIA (France), and completed under Grant P 08742 from the Japan Society for the Promotion of Science in the Laboratory of Cryptography and Information Security at the University of Tsukuba (Japan). Guillaume Bonfante and Jean-Yves Marion, LORIA, Nancy, France have been invited as guest editors for this paper.

Rights and permissions

Open Access This is an open access article distributed under the terms of the Creative Commons Attribution Noncommercial License (https://creativecommons.org/licenses/by-nc/2.0), which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

Reprints and permissions

About this article

Cite this article

Kramer, S., Bradfield, J.C. A general definition of malware. J Comput Virol 6, 105–114 (2010). https://doi.org/10.1007/s11416-009-0137-1

Download citation

  • Received: 01 July 2008

  • Accepted: 09 September 2009

  • Published: 29 September 2009

  • Issue date: May 2010

  • DOI: https://doi.org/10.1007/s11416-009-0137-1

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Modal Logic
  • Atomic Proposition
  • Computer Virus
  • Check Compliance
  • Information Warfare

Advertisement

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Language editing
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

Not affiliated

Springer Nature

© 2026 Springer Nature