Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Simulating realistic network worm traffic for worm warning system design and testing
Proceedings of the 2003 ACM workshop on Rapid malcode
Experiences with worm propagation simulations
Proceedings of the 2003 ACM workshop on Rapid malcode
Proceedings of the 2003 ACM workshop on Rapid malcode
Epidemic profiles and defense of scale-free networks
Proceedings of the 2003 ACM workshop on Rapid malcode
Bot Software Spreads, Causes New Worries
IEEE Distributed Systems Online
High-Fidelity Modeling of Computer Network Worms
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Distributed Worm Simulation with a Realistic Internet Model
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Modeling epidemic spreading in mobile environments
Proceedings of the 4th ACM workshop on Wireless security
On instant messaging worms, analysis and countermeasures
Proceedings of the 2005 ACM workshop on Rapid malcode
The ghost in the browser analysis of web-based malware
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
A first look at peer-to-peer worms: threats and defenses
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Web service description for mobile phone virus
Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human
EMBER: a global perspective on extreme malicious behavior
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Hi-index | 0.00 |
The increasing convergence of power-law networks such as social networking and peer-to-peer sites, web applications and mobile platforms makes today's users highly vulnerable to entirely new generations of malware that exploit vulnerabilities in web applications and mobile platforms for new infections, while using the power-law connectivity for finding new victims. The traditional epidemic models based on assumptions of homogeneity, averagedegree distributions, and perfect-mixing are inadequate to model this type of malware propagation. In this paper, we study three aspects crucial to modeling malware propagation in such environments: application-level interactions among users of such networks, local network structure, and user mobility. Since closed-form solutions of malware propagation in such environments are difficult to obtain, we describe an open-source, flexible agent-based emulation framework that can be used by malware researchers for studying today's complex malware. The framework, called Agent-Based Malware Modeling (AMM), allows different applications, network structure and user mobility in either a geographic or a logical domain to study various infection and propagation scenarios. The majority of the parameters used in the framework can be derived from real-life network traces collected from these networks, and therefore, represent realistic malware propagation and infection scenarios. As representative examples, we examine two well-known malware spreading mechanisms: (i) a malicious virus such as Cabir spreading among the subscribers of a cellular network using Bluetooth, and (ii) a hybrid worm that exploit email and file-sharing to infect users of a social network. In both cases, we identify the parameters most important to the spread of the epidemic based upon our extensive simulation results.