(Password for ransomware is demo123)
Viruses and Antiviruses
Zephyros Koyanis
David Giffin
This project was about creating viruses and antiviruses to investigate and explore data security, shining light on the extreme difficulty in creating an effective antivirus in comparison to the simplicity of malware.
THESIS
Creeper - the first virus
ILOVEYOU - Infected 10% of the internet at the time
AIDS Trojan - First Ransomware
PRECEDENTS
ENCRYPTION
Algorithm
Convert file data and text key into binary strings
Compare each bit of data with repeating key bits
Output 1 if bits differ, 0 if they match
Shift the binary by the numkey
Convert back to ASCII text
Key: demokey Numkey: 3
Security Analysis
Not that secure. Because the key repeats and XOR and shift are the only operations, a known translation (like a file header) can let people break the encryption. However, it isn't very easy to do without a significant investment of time and computation power.
Timeline: This was used around the mid 20th century, but many modern encryptions use this function as a part of a larger algorithm.
STATE DIAGRAM
Ransomware
Controlware
STATE DIAGRAM
Antivirus
STATE DIAGRAM
ANTIVIRUS
FEATURES
CONTROLWARE
RANSOMWARE
FEATURES
PROTOTYPES
PROGRAM DASHBOARD
ACTIVE PROCESS MONITORING
ACTIVE NETWORK MONITORING
THREAT ANALYSIS
DETAILED PROGRAM LOGGING
NEXT STEPS
By Zephyros Koyanis and David Giffin
Viruses and Antiviruses
This project demonstrates how encryption functions in cyber attacks and defense by creating a ransomware simulator with encrypted LAN communication and a corresponding antivirus detection system using Python and Java. The goal is to understand how cryptographic techniques are weaponized by attackers and leveraged by defenders in real-world cybersecurity scenarios.
Project Thesis
Creeper - the first virus
ILOVEYOU - Infected 10% of the internet at the time
Perplexity Comet AI - Currently spreading via Discord promotional challenges, data scraper
Viral Precedents
AIDS Trojan - First Ransomware
Viral Precedents
McAfee - "Antivirus" that acts more like a virus, including a method to prevent successful uninstallation. Made by presidential candidate and (potentially) murderer John McAfee.
History Reference
AIDS Trojan Ransomware
The AIDS Trojan was a virus disguised as a program offering information on AIDS, an assessment of your risk of AIDS, and recommendations based on your risk level.
After 90 computer restarts, the software would encrypt all system file names on the C: drive and demand money for their decryption.
Encryption Method
Algorithm
Convert file data and text key into binary strings
Compare each bit of data with repeating key bits
Output 1 if bits differ, 0 if they match
Shift the binary by the numkey
Convert back to ASCII text
Key: demokey Numkey: 3
Security Analysis
Not that secure. Because the key repeats and XOR and shift are the only operations, a known translation (like a file header) can let people break the encryption. However, it isn't very easy to do without a significant investment of time and computation power.
Timeline: This was used around the mid 20th century, but many modern encryptions use this function as a part of a larger algorithm.
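The known-header weakness from the security analysis, shown from the recovery side as an added example (not the project's own code). It assumes "shift" means rotating each byte left by numkey bits and that the key is printable ASCII text; the encrypted sample is constructed from the fixed first 16 bytes of a PNG file.

```python
import itertools

# First 16 bytes of every PNG file: 8-byte signature, IHDR chunk length, "IHDR".
PNG_HEADER = b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"

def rotl(b, n):
    """Rotate one byte left by n bits."""
    n %= 8
    return ((b << n) | (b >> (8 - n))) & 0xFF

def rotr(b, n):
    return rotl(b, 8 - (n % 8))

def encrypt(data, key, numkey):
    # XOR with the repeating key, then rotate each byte (assumed reading of "shift").
    return bytes(rotl(d ^ k, numkey) for d, k in zip(data, itertools.cycle(key)))

def decrypt(data, key, numkey):
    return bytes(rotr(c, numkey) ^ k for c, k in zip(data, itertools.cycle(key)))

def recover_key(ciphertext, known_prefix):
    """Return (key, numkey) recovered from a known plaintext prefix, or None."""
    n_known = min(len(known_prefix), len(ciphertext))
    for numkey in range(8):
        stream = bytes(rotr(c, numkey) ^ p for c, p in zip(ciphertext, known_prefix))
        if not all(0x20 <= b <= 0x7E for b in stream):
            continue  # assumption: the key is printable ASCII text
        # Accept the shortest key length that the known bytes show repeating.
        for period in range(1, n_known // 2 + 1):
            if all(stream[i] == stream[i + period] for i in range(n_known - period)):
                return stream[:period], numkey
    return None

def demo():
    plaintext = PNG_HEADER + bytes(range(40))  # constructed stand-in for a PNG body
    locked = encrypt(plaintext, b"demokey", 3)
    key, numkey = recover_key(locked, PNG_HEADER)
    return key, numkey, decrypt(locked, key, numkey) == plaintext

if __name__ == "__main__":
    print(demo())
```

With only the 8-byte PNG signature as known plaintext, `recover_key` returns `None`, because a 7-character key never repeats inside the known bytes.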
State Diagram
Full State Diagram
Ransomware
Controlware
We want to create physical representations of common uses for encryption in cybersecurity. An explanation of trojans could use the classic story of Troy, and different types of encryption could have different physical representations; bit shifting, for example, is really easy to show with letter or number tiles.
Museum Exhibit Proposal
Museum Exhibit Precedents
MIT Museum Community Wall
Previous OI Project: Minecraft Computing
Prototypes
Next Steps
Feedback