Grottke M, Avritzer A, Menasché DS, Altman E (2016)
Publication Language: English
Publication Type: Journal article
Publication year: 2016
Book Volume: 43
Pages Range: 33-42
Journal Issue: 4
Ensuring system survivability in the wake of advanced persistent threats is a big challenge that the security community is facing to ensure critical infrastructure protection. In this paper, we define metrics and models for the assessment of coordinated massive malware campaigns targeting critical infrastructure sectors. First, we develop an analytical model that allows us to capture the effect of neighborhood on different metrics (e.g., infection probability and contagion probability). Then, we assess the impact of putting operational but possibly infected nodes into quarantine. Finally, we study the implications of scanning nodes for early detection of malware (e.g., worms), accounting for false positives and false negatives. Evaluating our methodology using a hierarchical topology typical of factory automation networks, we find that malware infections can be effectively contained by using quarantine and appropriate rates of scanning for soft impacts.
APA:
Grottke, M., Avritzer, A., Menasché, D.S., & Altman, E. (2016). On the efficiency of sampling and countermeasures to critical-infrastructure-targeted malware campaigns. ACM SIGMETRICS Performance Evaluation Review, 43(4), 33-42. https://doi.org/10.1145/2897356.2897361
MLA:
Grottke, Michael, et al. "On the efficiency of sampling and countermeasures to critical-infrastructure-targeted malware campaigns." ACM SIGMETRICS Performance Evaluation Review 43.4 (2016): 33-42.