@inproceedings{1d599c5c43c640209774fb0e09b5f19e,
title = "A Functional Model and Analysis of Next Generation Malware Attacks and Defenses",
abstract = "Recent ransomware attacks (e.g., Colonial and JBS) caused significant social and economic impact due to their ability to shut down entire businesses. A functional model divides next-generation malware (NG-malware) attacks into 3 stages: Penetration (to gain a foothold), Propagation (to gain full control of target system), and a variety of Exploitation methods. The functional model shows that many attack methods and tools can be flexibly combined to bypass implementation-specific defenses at each stage, with the most important defense battleground being the prevention of NG-malware gaining full control of target system. Given the potential for further evolution of MG-malware, e.g., obfuscation of lateral movement jobs to increase both the speed and stealth of Propagation, it is crucial for the defense to develop effective defenses to detect NG-malware Propagation before ceding full control. An experimental platform that enables detailed evaluation of new NG-malware attacks and defenses is an effective tool in the battle for full control.",
keywords = "insider attack, malware, millibottleneck, obfuscation, ransomware",
author = "Calton Pu and Qingyang Wang and Yasuhiko Kanemasa and {Alves Lima}, Rodrigo and Joshua Kimball and Shungeng Zhang and Jianshu Liu and Xuhang Gu",
note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021 ; Conference date: 13-12-2021 Through 15-12-2021",
year = "2021",
doi = "10.1109/TPSISA52974.2021.00023",
language = "English (US)",
series = "Proceedings - 2021 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "197--206",
booktitle = "Proceedings - 2021 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021",
}