A Software System for Large-Scale Simulation of Malware Propagation in Computer Networks

Document Type : Original Article

Authors

Iran University of Science and Technology

Abstract

Today, methods and tools for large-scale modeling of different types of epidemic phenomena are a serious and critical requirement. Understanding these phenomena and discovering strategic solutions in various situations is also very important. Given the large number of agents, their complicated behaviors, and the lack of theoretical and analytical solutions, the need for simulation systems is clear. In this paper, we introduce a software system for simulating epidemic phenomena, especially malware propagation in computer networks. The system can simulate a large number of agents with different propagation models and parameters, and it displays graphical and statistical results dynamically. A distributed architecture, the use of real-world data, support for different kinds of epidemic models, and dynamic visualization of simulation results are some of the innovations of the proposed method. By performing different simulations, we investigated the relationships over time between infection density and simulation parameters such as the propagation model, the infection probability, and the probability of vulnerability. Additionally, the correctness of the simulation results is confirmed by comparing them with the results obtained from analytical methods.
 
