An Attacker’s Day into Human Virology 5: Thoughts on Designed Biological Viruses and Darwinian Computer Viruses

The matters Guillaume Lovet touches upon in this section have to do with the frontier between bio and PC viruses, and whether it can be crossed spontaneously.

Comparative overview of defensive items

Guillaume Lovet: The defense mechanisms: we’ve been over some of those already. Detecting viruses inside of the body makes use of heuristics; we saw it was akin to phagocytes, whitelisting – akin to NK cells, and blacklisting – akin to T and B cells, plus antibodies. However, there is an issue with blacklisting, and this is the key difference between the AV world and the immunology world (see image below).

Number of biological viruses is finite

The key is that biological viruses are finite set. There is a limited number of possible biological viruses, it is 10^16. At any time in your body, you have 10^8 different T cells and B cells with the specific receptor matching one virus only. But when some of these die, others are generated with different receptors. Over the course of a few weeks, all of 10^16 possible variations can be covered. And this is why biological viruses are seldom not detected. It would be like in the AV world if the number of possible viruses were finite, and all you would need to have would be 10^16-large database of updates; or possibly 10^8 and then you get circular update so that over the course of a few weeks you check all the 10^16 possibilities.

Unfortunately, that’s not the case: there is an infinite number of possible computer viruses, and this is why sometimes they go through the AV defenses. We fall back to Cohen’s theorem, which is – given an unknown piece of code, the question whether it is a virus or not is not mathematically decidable.

So, the defense strategy of the body is usually to kill everything – intruders, but also infected cells which present the antigens of the intruders. In the computer world, it would be like if you would just kill all the infected computers or reinstall all the infected computers, which we cannot afford to do.

And then, finally, you get vaccines, which are a bit like AV updates, because you present some samples of viruses so that the immune system builds up defenses ahead of time. Basically, you load the adaptive system with signatures, much like AV update.

Could the frontier be crossed?

What we’ve just covered is basically a comparison between biological and computer viruses at the angle of functionality, we compared the functionalities – how they attack, how the body defends, etc. Now, beyond this we may wonder what the essence of a virus is, what its purpose is, and whether it is possible that sometimes the border gets crossed from one side or another.

Both biological and computer viruses are coded (though differently) for malign behavior

As I said earlier, a biological virus is essentially a DNA strand. Now, a DNA strand is a sequence of nucleotides: A, G, C, and T. Those sequences code the way proteins are built inside the infected cell. In the end, that DNA strand is information code in base 4 with the nucleotides. The information codes for proteins, and proteins, in their turn, make up the behavior of the virus, because it’s the special characteristics of the virus that make up its behavior. So, in the end you have info coding for the behavior.

For computer viruses, it is coding in base 2: 0 and 1; and this code, when interpreted by an infected host’s CPU, defines the behavior of the virus. So, in the end, both types of viruses are information coding for parasitic and replicative behavior, in base 2 and base 4, but in the end it is the same. So, in a sense, biological and computer viruses are the same (see left-hand image above).

Differences in terms of the purpose

Now, what is their purpose? (see left-hand image) The key when we deal with computer viruses is that they are designed by a conscious intelligence, which defines their purpose: could be making money, doing some espionage, intellectual property theft, or sometimes even destruction of strategic objects, like the Stuxnet worm for example.

On the other hand, biological viruses don’t really have a purpose in the sense that they are the fruit of random mutations playing along the lines of Darwinian evolution. So, unless you believe in intelligent design, biological viruses don’t really have a purpose, but then the same could be said of us, because we are also a fruit of random mutations.

Possible or not?

So, we questioned the possibility that at some point we might witness exactly the opposite, which means: biological viruses being designed by conscious intelligence, and computer viruses being Darwinian, playing along the lines of Darwinian evolution.

Man-made biological viruses – the truth and fiction

As a matter of fact, when dealing with designing the biological viruses, the pop culture is full of references to that. You have a number of conspiracy theories that say that AIDS was man-made, which is completely crazy. SARS also is supposed to be man-made. And this is backed up by a couple of scientists actually. If you are interested in that matter, I encourage you to read Wikipedia entry about that. In science fiction you have the St. Mary’s virus. Anyone know what St. Mary’s virus is? It is the virus mentioned in the book and then in the movie “V for Vendetta”, used by the regime to control the population.

Actually, the technology to produce synthetic viruses exists. In 2002, a group of scientists created out of nothing the Polio virus; and later, in 2008, the SARS virus was created out of nothing, synthesized. So, theoretically they could be designed as biological weapons. We have the technology for that. This hasn’t happened so far, to our knowledge – for two reasons.

First, biological weapons are banned under the Biological Weapons Convention. And the militaries think that it is not a very good weapon, in the sense that you cannot really control the evolution of it, and it could backfire at the attacking army. So, they would rather use bacteria like Anthrax which is easier to control. Of course that doesn’t mean that at some point some bio terrorists cannot design a virus to spread fear – it is possible, technically it is not so difficult. This is scary.

What we are looking for would be a spontaneous virus evolving out of nothing.

Evolvable malware – spontaneous, or essentially the product of intelligent design?

On the other end, Darwinian computer viruses have been created already as a proof of concept by some researchers. They call this Evolvable Malware, and unsurprisingly they make use of genetic algorithms, they play along the rules of replication, mutation, selection, like any living being. But they carry a significant dose of intelligent design, to begin with. I mean they were designed like this by conscious intelligence. So, it’s not really what we are looking for.

What we are looking for would be a spontaneous virus evolving out of nothing. In the pop culture, you have this masterpiece called “Ghost in the Shell”, where the flow of digital data is so dense throughout the world that it gives birth to a new form of life spontaneously; this is at the heart of the plot of “Ghost in the Shell”. Could it be possible that a virus evolve out of all digital data flowing through all the wires in the world?

Fact is, according to Cohen, the smallest possible virus would be eight characters long. Aside of that, you have fifteen Petabytes of new info created daily. Among those Petabytes of info, probably at some place, maybe at several different places, we will find those eight consecutive characters accidentally. Now, because those characters exist accidentally doesn’t mean that the virus will take life. You need a CPU to execute those eight characters.

Read previous: An Attacker’s Day into Human Virology 4: Which World Wins the Race?

Read next: An Attacker’s Day into Human Virology 6: Crossing the Frontier