Malware modeling and experimentation through parameterized behavior
Z. Berkay Celik, Patrick McDaniel and Thomas Bowen
The Journal of Defense Modeling and Simulation, 2018, vol. 15, issue 1, 31-48
Abstract:
Experimentation is critical to understanding the malware operation and to evaluating potential defenses. However, constructing the controlled environments needed for this experimentation is both time-consuming and error-prone. In this study, we highlight several common mistakes made by researchers and conclude that existing evaluations of malware detection techniques often lack in both flexibility and transparency. For instance, we show that small variations in the malware’s behavioral parameters can have a significant impact on the evaluation results. These variations, if unexplored, may lead to overly optimistic conclusions and detection systems that are ineffective in practice. To overcome these issues, we propose a framework to model malware behavior and guide systematic parameter selection. We evaluate our framework using a synthetic botnet executed within the CyberVAN testbed. Our study is intended to foster critical evaluation of proposed detection techniques and stymie unintentionally erroneous experimentation.
Keywords: Experimentation; malware modeling; simulation
Date: 2018
Downloads: (external link)
https://journals.sagepub.com/doi/10.1177/1548512917721755 (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:sae:joudef:v:15:y:2018:i:1:p:31-48
DOI: 10.1177/1548512917721755
Bibliographic data for series maintained by SAGE Publications.