Title: Simulating Malware with MAlSim
Authors: LESZCZYNA RAFALNAI FOVINO IGORMASERA MARCELO
Citation: Proceedings of the 17th Annual EICAR Conference IT Security is Facing a Paradigm Shift - New Threats and more Subtle Methods of Attack Require Different Approaches and Solutions p. 243-261
Publisher: Point de Reprographie de l'Ecole Superieure et d'Application des Transmissions
Publication Year: 2008
JRC Publication N°: JRC42869
URI: http://publications.jrc.ec.europa.eu/repository/handle/JRC42869
Type: Contributions to Conferences
Abstract: This paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance of malware independently. MAlSim Toolkit provides multiple classes of agents and diverse behavioural and migration/replication patterns (which, taken together, form malware templates), to be used for implementation of various types of malware (viruses, worms, malicious mobile code). The primary application of MAlSim is to support security assessments of information systems based on simulation of attacks against these systems. In this context, the framework was successfully applied to the studies on security of the information system of a power plant. The case study proved the operability, applicability and usefulness of the simulation framework and it led to very interesting conclusions on the security of the evaluated system.
JRC Institute:Institute for the Protection and Security of the Citizen

Files in This Item:
There are no files associated with this item.


Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.