Specialized genetic algorithm based simulation tool designed for malware evolution forecasting

• Autorzy: Juzonis V. , Goranin N. , Cenys A. , Olifer D.

Identyfikatory

DOI

10.2478/v10065-012-0031-1

• Języki publikacji: EN

Abstrakty

EN

From the security point of view malware evolution forecasting is very important, since it provides an opportunity to predict malware epidemic outbreaks, develop effective countermeasure techniques and evaluate information security level. Genetic algorithm approach for mobile malware evolution forecasting already proved its effectiveness. There exists a number of simulation tools based on the Genetic algorithms, that could be used for malware forecasting, but their main disadvantages from the user’s point of view is that they are too complicated and can not fully represent the security entity parameter set. In this article we describe the specialized evolution forecasting simulation tool developed for security entities, such as different types of malware, which is capable of providing intuitive graphical interface for users and ensure high calculation performance. Tool applicability for the evolution forecasting tasks is proved by providing mobile malware evolution forecasting results and comparing them with the results we obtained in 2010 by means of MATLAB.

Słowa kluczowe

EN

genetic algorithm; malware; mobile malware; information security

• Wydawca: Wydawnictwo UMCS
• Czasopismo: Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica
• Rocznik: 2012
• Tom: Vol. 12, no. 4
• Strony: 23--37
• Opis fizyczny: Bibliogr. 38 poz., rys., tab.

Twórcy

autor

Juzonis V.

• Vilnius Gediminas Technical University, Saulétekio al. 11,SRL-I-415, LT-10223, Vilnius, Lithuania

autor

Goranin N.

• Vilnius Gediminas Technical University, Saulétekio al. 11,SRL-I-415, LT-10223, Vilnius, Lithuania

autor

Cenys A.

• Vilnius Gediminas Technical University, Saulétekio al. 11,SRL-I-415, LT-10223, Vilnius, Lithuania

autor

Olifer D.

• Vilnius Gediminas Technical University, Saulétekio al. 11,SRL-I-415, LT-10223, Vilnius, Lithuania

Bibliografia

• [1] Monga R., MASFMMS: Multi Agent Systems Framework for Malware Modeling and Simulation, Lecture Notes in Computer Science 5269 (2009): /2009, 97.
• [2] Barford P., Yegneswaran V., An Inside Look at Botnets, Advances in Information Security, 27 (2007): 171.
• [3] Shah A., IDC: 1 Billion Mobile Devices Will Go Online by 201, IDG News Service, Interactive (2009); http://www.pcworld.com
• [4] Defense Acquisition University, Systems Engineering Fundamentals: January 2001, Defense Acquisition University Press. (2001).
• [5] Zou C.C., Gong W., Towsley D., Code Red Worm Propagation Modeling and Analysis, CCS ’02: Proceedings of the 9th ACM Conference on Computer and communications security, ACM. (2002): 138.
• [6] Goranin N., Cenys A., Genetic Algorithm Based Internet Worm Propagation Strategy Modeling, Information Technology And Control. 37 (2008): 133.
• [7] Garetto M.W., Towsley G. D., Modeling Malware Spreading Dynamics, Proceedings of INFOCOM (2003).
• [8] Ramachandran K., Sikdar B., Modeling malware propagation in Gnutella type peer-to-peer networks, Proceedings of the Parallel and Distributed Processing Symposium, IPDPS 20 (2006): 8.
• [9] Serazzi G., Zanero S., Computer Virus Propagation Models. Lecture Notes in Computer Science (2004): 26.
• [10] Holland J. Adoption in natural and artificial systems, The MIT press (1975).
• [11] Birchenhall C., Kastrinos N., Metcalfe S., Genetic algorithms in evolutionary modeling, Journal of Evolutionary Economics 7 (1997): 375.
• [12] Hill R.R., McIntyre G.A., Narayanan S., Genetic Algorithms for Model Optimization, Proceedings of Simulation Technology and Training Conference (SimTechT) (2001).
• [13] Stender J., Hillebrand E., Kingdon J., Genetic Algorithms in Optimization, Simulation and modeling, IOS Press (1994).
• [14] Faraoun K.M., Boukelif A., Genetic Programming Approach for Multi-Category Pattern Classification Applied to Network Intrusions Detection, International Journal of Computational Intelligence 3(1) (2007): 79.
• [15] Goranin N., Cenys A., Genetic algorithm based Internet worm propagation strategy modeling under pressure of countermeasures, Journal of Engineering Science and Technology Review 2 (2009): 43.
• [16] Goranin N., Cenys A., Malware Propagation Modeling by the Means of Genetic Algorithms, Electronics and Electrical Engineering 86 (2008): 23.
• [17] Kaspersky Lab, Kaspersky Lab reports (2009); Interactive: http://www/.kaspersky.com
• [18] Naraine R., Cell Phone Security: New Skulls Mutant Comes with Virus Extras (2004); Interactive: http://www.eweek.com
• [19] Niemela J., F-Secure Virus Descriptions: Skulls D. F-Secure Corporation (2005); Interactive: http://www.f-secure.com
• [20] Jarno U., Disinfection tool for SymbOS/Locknut.A (Gavno.A and Gavno.B), F-Secure Corporation (2005); Interactive: http://www.f-secure.com/
• [21] F-Secure, Worm: SymbOS/Commwarrior, F-Secure Corporation (2006); Interactive: http://www.f-secure.com/
• [22] Sundgot J., First Symbian OS virus to replicate over MMS appears (2005); Interactive: http://www.infosyncworld.com/
• [23] McAfee Threats Report: Third Quarter 2011 [Reviewed 2011-11-14], Link: http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2011.pdf
• [24] Kephart J. O., White S. R., Directed-graph epidemiological models of computer viruses, Proceedings of IEEE Computer Society Symposium (1991): 343.
• [25] Zou C.C., Towsley D., Gong W., Email Virus Propagation Modeling and Analysis, Technical report TRCSE-03-04, University of Massachusetts (2004).
• [26] Staniford S., Paxson V., Weaver N., How to 0wn the Internet in Your Spare Time, Proceedings of the 11th USENIX Security Symposium, USENIX Association (2002): 149.
• [27] Nazario J., Defense and Detection Strategies against Internet Worms, Artech House Publishers (2003).
• [28] Chen Z., Gao L., Kwiat K., Modeling the Spread of Active Worms, Proceedings of NFOCOM 2003, Twenty-Second Annual Joint Conference of the IEEE Computer and Communications, IEEE Societies 3 (2003): 1890.
• [29] Zou C. C., Gong W., Towsley D., Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense, WORM ’03: Proceedings of the 2003 ACM workshop on Rapid malcode, ACM (2003): 51.
• [30] Zou C. C., Gong W., Towsley D., On the performance of Internet worm scanning strategies Performance Evaluation, Elsevier Science Publishers B. V. 63 (2005): 700.
• [31] Lelarge M., Economics of Malware: Epidemic Risks Model, Network Externalities and Incentives, Proceedings of Fifth biannual Conference on The Economics of the Software and Internet Industries (2009).
• [32] Li Z., Liao Q., Striegel A., BotnetEconomics: Uncertainty Matters, Managing Information Risk and the Economics of Security, Springer US. (2009): 1.
• [33] Fultz N., Distributed attacks as security games, Master thesis, US Berkley School of Information (2008).
• [34] Ruitenbeek E.V., Courtney T., Sanders W.H., Stevens F., Quantifying the Effectiveness of Mobile Phone Virus Response Mechanisms, IEEE/IFIP International Conference on Dependable Systems and Networks (2007): 790.
• [35] Bulygin Y., Epidemics of Mobile Worms, Performance, Computing, and Communications Conference, 2007. IPCCC 2007, IEEE International (2007): 475.
• [36] Noreen S., Murtaza S., Shafiq M.Z., Farooq M., Evolvable malware, GECCO ’09: Proceedings of the 11th Annual conference on Genetic and evolutionary computation, ACM (2009): 1569.
• [37] Global and Discrete Optimization, Kauno technologijos universitetas, Programin˙es i¸rangos katedra, [Reviewed 2010-04-17]; Link: http://soften.ktu.lt/ ˜mockus.
• [38] Global Optimization Toolbox, [Reviewed 2010-10-26]; Link: http://www.mathworks.com/help/toolbox/ gads/ ga.html.