This paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems, i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance of malware independently. MAlSim Toolkit provides multiple classes of agents and diverse behavioural and migration/replication patterns (which, taken together, form malware templates), to be used for implementation of various types of malware (viruses, worms, malicious mobile code). The primary application of MAlSim is to support security assessments of information systems based on simulation of attacks against these systems. In this context, the framework was successfully applied to the studies on security of the information system of a power plant. The case study proved the operability, applicability and usefulness of the simulation framework and it led to very interesting conclusions on the security of the evaluated system.
Autorzy
- dr hab. inż. Rafał Leszczyna link otwiera się w nowej karcie ,
- Igor Nai Fovino,
- Marcelo Masera
Informacje dodatkowe
- DOI
- Cyfrowy identyfikator dokumentu elektronicznego link otwiera się w nowej karcie 10.1007/s11416-008-0088-y
- Kategoria
- Publikacja w czasopiśmie
- Typ
- artykuły w czasopismach recenzowanych i innych wydawnictwach ciągłych
- Język
- angielski
- Rok wydania
- 2010
Źródło danych: MOSTWiedzy.pl - publikacja "Simulating malware with MAlSim" link otwiera się w nowej karcie
