A growing number of users have computer resources such as personal computers or mobile telephones, connected to public networks such as the Internet.
These connections can then be used by malicious third parties, also called “pirates” or “hackers”, to contaminate these resources by using software, called viruses, and to hijack their activity for abusive or even illicit operations.
Generally, the users of the hijacked resources lack the computer training to enable them to satisfactorily protect their computers and/or detect the contamination of these resources.
Because of this, the hijacking of computer resources is typically implemented in a way that does not disrupt the function of these resources, which, in particular, makes it possible to not arouse suspicion by the user of these resources as to the contamination.
This is the case with computer viruses called “Bots” or “BotNets”, an abbreviation of “Network of Bots”, that propagate while minimising the visible impact on the contaminated computers.
It should be noted that such viruses can nevertheless carry out pirate operations that are especially damaging for the users of the contaminated and hijacked resources.
As an example, known “discrete” viruses can steal confidential data, such as code numbers and bank account numbers, to transmit them to third parties who can uses these confidential data in fraudulent ways.
Also, there are discrete viruses that can order the sending of “Distributed Denial of Services” (DDOS) SPAM, which generates a high volume (from several hundred or even thousands of infected machines) of fake network messages to an Internet site in order to disrupt or stop service, or even that can order the hosting of illegal content, for example, paedophilic content.
In this case, the viruses can affect the reputation, or even the civil liability, of the user of the hijacked resources.
In fact, it appears that users run the risk of being held liable for damages committed by their contaminated computer resources if these users cannot show that they have implemented suitable security measures, which is not easy for users who are not specialised in computer engineering.
Finally, a last problem with “discrete” viruses lies in their strong ability for contamination, since, if the user does not note a malfunction of the computer resources, significant time can elapse—during which the contamination will propagate—before the user acts to remove the virus.
In order to detect the hijacking of computer resources, the implementation of anti-virus software is common but limited to viruses defined in advance, using a statistical approach according to which the signatures, or fingerprints, of the viruses in anti-virus databases are static, even though new viruses are generated frequently, with some having the ability to dynamically modify their digital fingerprint. Additionally, few users regularly update their anti-virus software.
Also, the users of computer resources are faced with the problem of data confidentiality, especially when a user is a company that employs many workers.
In fact, in this case, the laws of many countries, France for example, prohibit companies or service providers from monitoring private connections, made by an employee or by a subscriber to an Internet service, thus making it impossible to detect connections to potentially dangerous sites.