Jacob Williams
Investigating malware propagation and behaviour using system and network pixel-based visualisation
Williams, Jacob; Legg, Phil
Abstract
Malicious software, known as malware, is a perpetual game of cat and mouse between malicious software developers and security professionals. Recent years have seen many high profile cyber attacks, including the WannaCry and NotPetya ransomware attacks that resulted in major financial damages to many businesses and institutions. Understanding the characteristics of such malware, including how malware can propagate and interact between systems and networks, is key for mitigating these threats and containing the infection to avoid further damage. In this study, we present visualisation techniques for understanding the propagation characteristics in dynamic malware analysis. We propose the use of pixel-based visualisations to convey large-scale complex information about network hosts in a scalable and informative manner. We demonstrate our approach using a virtualised network environment, whereby we can deploy malware variants and observe their propagation behaviours. As a novel form of visualising system and network activity data across a complex environment, we can begin to understand visual signatures that can help analysts identify key characteristics of the malicious behaviours, and therefore provoke response and mitigation against such attacks.
Citation
Williams, J., & Legg, P. (2022). Investigating malware propagation and behaviour using system and network pixel-based visualisation. SN Computer Science, 3(1), Article 53. https://doi.org/10.1007/s42979-021-00926-9
Journal Article Type | Article |
---|---|
Acceptance Date | Oct 4, 2021 |
Online Publication Date | Nov 9, 2021 |
Publication Date | Jan 1, 2022 |
Deposit Date | Oct 5, 2021 |
Publicly Available Date | Nov 16, 2021 |
Journal | SN Computer Science |
Publisher | Springer |
Peer Reviewed | Peer Reviewed |
Volume | 3 |
Issue | 1 |
Article Number | 53 |
DOI | https://doi.org/10.1007/s42979-021-00926-9 |
Public URL | https://uwe-repository.worktribe.com/output/7911292 |
Files
Investigating malware propagation and behaviour using system and network pixel-based visualisation
(8.4 Mb)
PDF
Licence
http://creativecommons.org/licenses/by/4.0/
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/