An agent-based model to simulate coordinated response to malware outbreak within an organisation

Authors:
Jonathan Pan;Chun Che Fung
Affiliations:
School of Information Technology, Murdoch University, Murdoch WA 6150, Australia;School of Information Technology, Murdoch University, Murdoch WA 6150, Australia
Venue:
International Journal of Information and Computer Security
Year:
2012

Citing 10
Cited 0

How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium
The economic cost of publicly announced information security breaches: empirical evidence from the stock market

Journal of Computer Security - IFIP 2000
The monitoring and early detection of internet worms

IEEE/ACM Transactions on Networking (TON)
On the performance of internet worm scanning strategies

Performance Evaluation
Modeling and Automated Containment of Worms

IEEE Transactions on Dependable and Secure Computing
Multi-agent Model Analysis of the Containment Strategy for Avian Influenza (AI) in South Korea

BIBM '08 Proceedings of the 2008 IEEE International Conference on Bioinformatics and Biomedicine
A testbed for power system security evaluation

International Journal of Information and Computer Security
Modeling Modern Network Attacks and Countermeasures Using Attack Graphs

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Agent-based modeling and simulation

Winter Simulation Conference
NGCE – network graphs for computer epidemiologists

PCI'05 Proceedings of the 10th Panhellenic conference on Advances in Informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Malware is a major threat to organisations. It affects business continuity and induces risks to organisations. Current anti-malware solutions are challenged to keep the risks at bay. When a malware manages to penetrate an organisation's defences, there is a need to quickly contain the malware and to keep control over the organisation's IT assets before the risk escalates. In such incident, incident responders need to effectively carry out their containment plan. An ineffective containment plan will induce greater risks. Such infiltration can spread like a biological epidemic outbreak. These epidemic-like outbreaks can be modelled using mathematical models. However there are no models to assess the effectiveness of incident response plan. Additionally, there are many variable considerations that the incident response plan would need to factor in. This research paper proposes the use of an agent-based model to model containment response plan to minimise the impact of a malware outbreak.