Extension of the genetic algorithm based malware strategy evolution forecasting model for botnet strategy evolution modeling

Abstract

Botnets are considered to be among the biggest current threats to global IT infrastructure. Botnets are rapidly evolving and forecasting their survivability and propagation strategies is important for development of countermeasure techniques. Existing malware propagation models mainly concentrate on malware epidemic consequences modeling, i.e. forecasting the number of infected computers, simulating malware behavior or economic propagation aspects and are based only on current malware propagation strategies or oriented to other malware types. In this article we propose the botnet-oriented extension to our genetic algorithm based model, which aims at forecasting botnet propagation strategy evolution and may be used as a framework for other characteristics evolution forecasting. The efficiency of strategies is evaluated by applying the proposed fitness function. Genetic algorithm is selected as a modeling tool taking into consideration the efficiency of this method while solving optimization and modeling problems with large solution space. The main application of the proposed model framework is a countermeasures planning in advance and computer network design optimization.