It’s good to know that there is a positive aspect to malware. But it takes a lot of hard work to make it so. ...
The pictures here are the product of the creative artistry of Romanian artist and now member of MIT’s social media research group Alex Dragulescu, and the malware hunters at MessageLabs. Paul Wood, senior security analyst at MessageLabs and linkman between the labs and Dragulescu, said the two parties got in touch after discovering that Dragulescu was using information from spam e-mail to develop computer-generated images. “We thought it might be a good idea to see if Alex’s technique could work with malware,” said Wood.
Dragulescu had developed algorithms that took pieces of code from messages and reiterated them, much the way fractal images are created, to build images.
“Obviously we didn’t want to give Alex live malware code to work on, so we deconstructed the code to see how it worked, what calls it made, what files it opened,” Wood said.
He said the process is analogous to genetic engineering, where the malware’s DNA is sliced and diced and reassembled under control to produce something new and interesting.
In addition to supplying the deactivated code, MessageLabs suggested that Dragulescu use different colour codes for each type of malware.
“What we didn’t expect to see was how the images from a blended threat would reveal code elements belonging to each individual threat,” Wood said.
Wood said his bug hunters were sceptical to start with, but once they could see how code patterns could produce instantly recognisable malware signatures they got excited.
“With our present equipment is takes about an hour to get a picture, so it’s not practical to use this technique in production to identify malware, Wood said. “But with Alex at MIT, he’s got access to some serious computer power. Who knows where this might lead?” he said.