PrEP: A Framework for Malware & Cyber Weapons

The Journal of Information Warfare, Vol.13, No.1, February 2014

20 Pages Posted: 26 Oct 2013 Last revised: 3 Mar 2015

See all articles by Trey Herr

Trey Herr

American University - School of International Service

Date Written: December 20, 2013

Abstract

The contemporary debate over cyber security rests on a set of linguistic artifacts that date from the Cold War. Attempting to glean a starting point for debate over use of terms like “cyber attack” or “cyber war” is difficult, largely because there is little agreement on what constitutes a weapon in cyberspace, be it “weaponized code” or black hats with root access. For information security professionals, this has led to a proliferation of different taxonomies tied to proprietary anti-virus systems. To social science researchers and the policy community, the result has been unclear definitions and vague terminology, which hinder academic progress and the development of effective policy. This paper proposes a new framework to classify malware and cyber weapons based on the different pieces of malicious code that constitute them, then evaluates competing definitions of cyber weapons, and concludes with implications for this approach. As developed in this paper, Cyber Weapons are any combination of three software components: a Propagation Method, one or several Exploits, and a Payload designed to create destructive physical or logical effects. Defining malware requires a difficult balance between technical specificity and conceptual breadth. The PrEP framework attempts to combine these, while building out a set of concepts useful to both research and policy communities.

Keywords: Cyber weapon, intrusion, cyberdefense, exploit, payload, malware

Suggested Citation

Herr, Trey, PrEP: A Framework for Malware & Cyber Weapons (December 20, 2013). The Journal of Information Warfare, Vol.13, No.1, February 2014, Available at SSRN: https://ssrn.com/abstract=2343798 or http://dx.doi.org/10.2139/ssrn.2343798

Trey Herr (Contact Author)

American University - School of International Service ( email )

4400 Massachusetts Ave, NW
Washington, DC 20016
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
802
Abstract Views
4,151
Rank
62,693
PlumX Metrics