Modeling infection methods of computer malware in the presence of vaccinations using epidemiological models: An analysis of real-world data

by   Elad Yom-Tov, et al.

Computer malware and biological pathogens often use similar mechanisms of infections. For this reason, it has been suggested to model malware spread using epidemiological models developed to characterize the spread of biological pathogens. However, most work examining the similarities between malware and pathogens using such methods was based on theoretical analysis and simulation. Here we extend the classical Susceptible-Infected-Recovered (SIR) epidemiological model to describe two of the most common infection methods used by malware. We fit the proposed model to malware collected over a period of one year from a major anti-malware vendor. We show that by fitting the proposed model it is possible to identify the method of transmission used by the malware, its rate of infection, and the number of machines which will be infected unless blocked by anti-virus software. The Spearman correlation between the number of actual and predicted infected machines is 0.84. Examining cases where an anti-malware "signature" was transmitted to susceptible computers by the anti-virus provider, we show that the time to remove the malware will be short and independent of the number of infected computers if fewer than approximately 60 infected. If more computers were infected, the time to removal will be approximately 3.2 greater, and will depend on the fraction of infected computers. Our results show that the application of epidemiological models of infection to malware can provide anti-virus providers with information on malware spread and its potential damage. We further propose that similarities between computer malware and biological pathogens, the availability of data on the former and the dearth of data on the latter, make malware an extremely useful model for testing interventions which could later be applied to improve medicine.


page 1

page 2

page 3

page 4


Malware Detection and Analysis: Challenges and Research Opportunities

Malwares are continuously growing in sophistication and numbers. Over th...

Anti-Malware Sandbox Games

We develop a game theoretic model of malware protection using the state-...

Discovering Encrypted Bot and Ransomware Payloads Through Memory Inspection Without A Priori Knowledge

Malware writers frequently try to hide the activities of their agents wi...

Preventing Malicious Use of Keyloggers Using Anti-Keyloggers

Multinational corporations routinely track how its employees use their c...

Correlation of biological and computer viruses through evolutionary game theory

Computer viruses have many similarities to biological viruses, and their...

Viewing biological and computer viruses as manifestations of games

Computer viruses exhibit many similarities with biological viruses. Thus...

SoK: How Not to Architect Your Next-Generation TEE Malware?

Besides Intel's SGX technology, there are long-running discussions on ho...

Please sign up or login with your details

Forgot password? Click here to reset