A Functional Model and Analysis of Next Generation Malware Attacks and Defenses
Document Type
Conference Proceeding
Publication Date
1-1-2021
Abstract
Recent ransomware attacks (e.g., Colonial and JBS) caused significant social and economic impact due to their ability to shut down entire businesses. A functional model divides next-generation malware (NG-malware) attacks into 3 stages: Penetration (to gain a foothold), Propagation (to gain full control of the target system), and a variety of Exploitation methods. The functional model shows that many attack methods and tools can be flexibly combined to bypass implementation-specific defenses at each stage, with the most important defense battleground being the prevention of NG-malware gaining full control of the target system. Given the potential for further evolution of NG-malware, e.g., obfuscation of lateral movement jobs to increase both the speed and stealth of Propagation, it is crucial for the defense to develop effective defenses to detect NG-malware Propagation before ceding full control. An experimental platform that enables detailed evaluation of new NG-malware attacks and defenses is an effective tool in the battle for full control.
Publication Source (Journal or Book title)
Proceedings - 2021 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021
First Page
197
Last Page
206
Recommended Citation
Pu, C., Wang, Q., Kanemasa, Y., Alves Lima, R., Kimball, J., Zhang, S., Liu, J., & Gu, X. (2021). A Functional Model and Analysis of Next Generation Malware Attacks and Defenses. Proceedings - 2021 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021, 197-206. https://doi.org/10.1109/TPSISA52974.2021.00023