3,339 research outputs found
Distributed interaction between computer virus and patch: A modeling study
The decentralized patch distribution mechanism holds significant promise as
an alternative to its centralized counterpart. For the purpose of accurately
evaluating the performance of the decentralized patch distribution mechanism
and based on the exact SIPS model that accurately captures the average dynamics
of the interaction between viruses and patches, a new virus-patch interacting
model, which is known as the generic SIPS model, is proposed. This model
subsumes the linear SIPS model. The dynamics of the generic SIPS model is
studied comprehensively. In particular, a set of criteria for the final
extinction or/and long-term survival of viruses or/and patches are presented.
Some conditions for the linear SIPS model to accurately capture the average
dynamics of the virus-patch interaction are empirically found. As a
consequence, the linear SIPS model can be adopted as a standard model for
assessing the performance of the distributed patch distribution mechanism,
provided the proper conditions are satisfied
Agentâbased modeling of malware dynamics in heterogeneous environments
The increasing convergence of powerâlaw networks such as social networking and peerâtoâpeer applications, webâdelivered applications, and mobile platforms makes today's users highly vulnerable to entirely new generations of malware that exploit vulnerabilities in web applications and mobile platforms for new infections, while using the powerâlaw connectivity for finding new victims. The traditional epidemic models based on assumptions of homogeneity, averageâdegree distributions, and perfectâmixing are inadequate to model this type of malware propagation. In this paper, we study four aspects crucial to modeling malware propagation: applicationâlevel interactions among users of such networks , local network structure , user mobility , and network coordination of malware such as botnets . Since closedâform solutions of malware propagation considering these aspects are difficult to obtain, we describe an openâsource, flexible agentâbased emulation framework that can be used by malware researchers for studying today's complex malware. The framework, called AgentâBased Malware Modeling (AMM), allows different applications, network structure, network coordination, and user mobility in either a geographic or a logical domain to study various infection and propagation scenarios. In addition to traditional worms and viruses, the framework also allows modeling network coordination of malware such as botnets. The majority of the parameters used in the framework can be derived from realâlife network traces collected from a network, and therefore, represent realistic malware propagation and infection scenarios. As representative examples, we examine two wellâknown malware spreading mechanisms: (i) a malicious virus such as Cabir spreading among the subscribers of a cellular network using Bluetooth and (ii) a hybrid worm that exploit email and fileâsharing to infect users of a social network. In both cases, we identify the parameters most important to the spread of the epidemic based upon our extensive simulation results. Copyright © 2011 John Wiley & Sons, Ltd. This paper presents a novel agentâbased framework for realistic modeling of malware propagation in heterogeneous networks, applications and platforms. The majority of the parameters used in the framework can be derived from realâlife network traces collected from a network, and therefore, represent realistic malware propagation and infection scenarios for the given network. Two wellâknown malware spreading mechanisms in traditional as well as mobile environments were studied using extensive simulations within the framework and the most important spreading parameters were identified.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/101832/1/sec298.pd
- âŠ