Note: this article is now at least two years old and may contain serious errors.

Decentralized virus scanner

A game of war for decentralized threat detection:

  • One side plays the attacker
  • The other side plays defence
  • The field is a virtual machine
  • The ombudsman is software that monitors the VM's health
  • The ombudsman is concerned with what has happened to the VM
  • Are key system files damaged?
  • Have files been locked / encrypted by malware?
  • Are certain network resources hijacked?
  • Attackers submit vectors to disrupt the VM
  • Defenders submit vectors to protect the VM
  • False positive and negative problem: design the ombudsman to accept random nonce values that impact the tests, i.e. measure performance at date stamp X rather than at a fixed date each time.
  • Statistical validity becomes more apparent over time.
  • Reward function is as yet unknown, but it could be a dividend system based on stopping or evading vectors -- I find the potential here fascinating
  • I should note that because the ombudsman can observe the result, it becomes objective in nature (like a true consensus system), and objective, goal-driven systems make for good cryptocurrencies
  • Resulting cryptocurrency becomes an emergent virus scanner
  • Security researchers could collaboratively update the ombudsman too based on reputation + stake-holder approval.
  • Alternatively, the standard hard fork model would also work
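
A sketch of the nonce-driven ombudsman check described in the list above, added here as an illustration and not part of the original notes. The function names, the 7.5 bits-per-byte entropy threshold, the file paths and the snapshot contents are all assumptions constructed for the example.

```python
import hashlib, hmac, math
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest encrypted data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def plan_checks(nonce: bytes, paths, k: int, window_s: int):
    """Derive from the nonce which files are inspected and when (seconds into the round)."""
    ranked = sorted(paths, key=lambda p: hmac.new(nonce, p.encode(), hashlib.sha256).digest())
    offset = int.from_bytes(hashlib.sha256(nonce + b"|time").digest()[:4], "big") % window_s
    return ranked[:k], offset

def judge(baseline, snapshot, nonce: bytes, k: int = 2, window_s: int = 3600):
    """Compare the sampled files against known-good hashes and classify the damage."""
    chosen, offset = plan_checks(nonce, sorted(baseline), k, window_s)
    findings = {}
    for path in chosen:
        data = snapshot.get(path)
        if data is None:
            findings[path] = "missing"
        elif hashlib.sha256(data).hexdigest() != baseline[path]:
            findings[path] = "possibly encrypted" if entropy(data) > 7.5 else "modified"
    return {"measure_at_s": offset, "checked": chosen, "findings": findings}

# Constructed sample data: a clean VM image and the same VM after a round.
CLEAN = {
    "/etc/hosts": b"127.0.0.1 localhost\n",
    "/etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
    "/home/user/report.txt": b"quarterly numbers\n" * 200,
    "/bin/login": b"\x7fELF constructed stand-in for a binary",
}
BASELINE = {p: hashlib.sha256(d).hexdigest() for p, d in CLEAN.items()}
AFTER = dict(CLEAN)
AFTER["/etc/hosts"] = b"127.0.0.1 localhost\n10.0.0.66 updates.example\n"  # redirected name
AFTER["/home/user/report.txt"] = hashlib.shake_256(b"sample").digest(4096)  # ciphertext-like
del AFTER["/bin/login"]

if __name__ == "__main__":
    for nonce in (b"round-1", b"round-2"):
        print(nonce, judge(BASELINE, AFTER, nonce))
```

Because the sampled files and the measurement offset both depend on the nonce, neither side knows in advance what a given round will test, and repeated rounds with fresh nonces are what build up the statistical picture.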