Deakin University
Browse

File(s) under permanent embargo

Modeling and analysis on the propagation dynamics of modern email malware

Version 2 2024-06-06, 00:27
Version 1 2015-03-30, 11:13
journal contribution
posted on 2024-06-06, 00:27 authored by S Wen, W Zhou, J Zhang, Y Xiang, W Jia, C C Zou
Due to the critical security threats imposed by email-based malware in recent years, modeling the propagation dynamics of email malware becomes a fundamental technique for predicting its potential damages and developing effective countermeasures. Compared to earlier versions of email malware, modern email malware exhibits two new features, reinfection and self-start. Reinfection refers to the malware behavior that modern email malware sends out malware copies whenever any healthy or infected recipients open the malicious attachment. Self-start refers to the behavior that malware starts to spread whenever compromised computers restart or certain files are visited. In the literature, several models are proposed for email malware propagation, but they did not take into account the above two features and cannot accurately model the propagation dynamics of modern email malware. To address this problem, we derive a novel difference equation based analytical model by introducing a new concept of virtual infected user. The proposed model can precisely present the repetitious spreading process caused by reinfection and self-start and effectively overcome the associated computational challenges. We perform comprehensive empirical and theoretical study to validate the proposed analytical model. The results show our model greatly outperforms previous models in terms of estimation accuracy. © 2013 IEEE.

History

Journal

IEEE Transactions on Dependable and Secure Computing

Volume

11

Pagination

361-374

Location

Piscataway, N.J.

ISSN

1545-5971

Language

eng

Publication classification

C Journal article, C1 Refereed article in a scholarly journal

Copyright notice

2014, IEEE

Issue

4

Publisher

IEEE