Please use this identifier to cite or link to this item:
|Title:||Simulating Malware with MAlSim|
|Authors:||LESZCZYNA RAFAL; NAI FOVINO IGOR; MASERA MARCELO|
|Citation:||Proceedings of the 17th Annual EICAR Conference IT Security is Facing a Paradigm Shift - New Threats and more Subtle Methods of Attack Require Different Approaches and Solutions p. 243-261|
|Publisher:||Point de Reprographie de l'Ecole Superieure et d'Application des Transmissions|
|JRC Publication N°:||JRC42869|
|Type:||Contributions to Conferences|
|Abstract:||This paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance of malware independently. MAlSim Toolkit provides multiple classes of agents and diverse behavioural and migration/replication patterns (which, taken together, form malware templates), to be used for implementation of various types of malware (viruses, worms, malicious mobile code). The primary application of MAlSim is to support security assessments of information systems based on simulation of attacks against these systems. In this context, the framework was successfully applied to the studies on security of the information system of a power plant. The case study proved the operability, applicability and usefulness of the simulation framework and it led to very interesting conclusions on the security of the evaluated system.|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.