• DocumentCode
    1241280
  • Title

    A Quasi-Species Model for the Propagation and Containment of Polymorphic Worms

  • Author

    Stephenson, Bradley ; Sikdar, Biplab

  • Author_Institution
    Inf. Security Div., MITRE Corp., McLean, VA, USA
  • Volume
    58
  • Issue
    9
  • fYear
    2009
  • Firstpage
    1289
  • Lastpage
    1296
  • Abstract
    Polymorphic computer worms are characterized by their ability to change their byte sequence as they replicate and propagate, thereby aiming to thwart intrusion detection systems (IDSes). In this letter, we propose a model based on coevolution of biological quasi-species to characterize the propagation of polymorphic worms and the effect of IDSes on their dynamics. The model is used to derive the conditions required for the IDS to contain the worm. The model is validated using simulations.
  • Keywords
    computer crime; biological quasi-species; byte sequence; coevolution; polymorphic computer worms; thwart intrusion detection systems; Biological system modeling; Computational modeling; Grippers; Hamming distance; Mathematical model; Modeling; Strain; Network security; computer virus and worms; modeling techniques.;
  • fLanguage
    English
  • Journal_Title
    Computers, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    0018-9340
  • Type

    jour

  • DOI
    10.1109/TC.2009.63
  • Filename
    4815220
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1241280