A NEW ANALYSIS OF CRYPTOLOCKER RANSOMWARE AND WELCHIA WORM PROPAGATION BEHAVIOR. SOME APPLICATIONS. III

In this paper we receive new models that in some situations can be applied to model computer viruses propagation. Welchia worm and Cryptolocker ransomware have a long growing phase in contrast to many other threats. In September 2013 the CryptoLocker malware starting its invasion using mainly P2P ZeuS (aka Gameover ZeuS) malware. CryptoLocker’ main aim was to receive money from the unsuspecting victims for decrypting their files. Welchia worm uses a vulnerability in the Microsoft remote procedure call service. Welchia firstly checks for Blaster worm and if it is exists continues with Blaster deletion as well as takes care for computer to be immunised for Blaster worm. Also we modeled Malicious high–risk Android App volume growth; Malware evolution; Number of users attacked by Trojan-Ransom malware; Number of users attacked by crypto-ransomware; Number of unique users attacked by Trojan-Ransom.AndroidOS.Fusob; and ”Seasonal data”. As the authors in [3] mention: “Even traffic traces used in research papers (e.g. Slammer [4] and Code-red [5]) are not public. From the published papers [4], [5] we are not able to find parameters that can be used in our model”. Many researchers make a hard efforts to describe adequately situation connected to worm propagation [15]–[63]. AMS Subject Classification: 97N50 360 N. KYURKCHIEV, A. ILIEV, A. RAHNEV, AND T. TERZIEVA

[1]  Kyurkchiev Nikolay,et al.  Sigmoid Functions: Some Approximation and Modelling Aspects , 2015 .

[2]  N. Kyurkchiev,et al.  A NEW ANALYSIS OF CODE RED AND WITTY WORMS BEHAVIOR , 2019 .

[3]  Seong-Moo Yoo,et al.  Stability analysis of VEISV propagation modeling for network worm attack , 2012 .

[4]  Nikolay Butakov,et al.  Hybrid Scheduling Algorithm in Early Warning Systems , 2014, ICCS.

[5]  Min Wu,et al.  Propagation model of smartphone worms based on semi-Markov process and social relationship graph , 2014, Comput. Secur..

[6]  Sudarshan K. Dhall,et al.  Measurement and analysis of worm propagation on Internet network topology , 2004, Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969).

[7]  Guanhua Yan,et al.  Modeling Propagation Dynamics of Bluetooth Worms (Extended Version) , 2009, IEEE Transactions on Mobile Computing.

[8]  Ma Guoqing,et al.  Notice of RetractionThe research and development of worm defense strategies , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[9]  Fangwei Wang,et al.  Epidemic Models Applied to Worms on Internet , 2009, 2009 Second International Conference on Intelligent Networks and Intelligent Systems.

[10]  Stefan Savage,et al.  Inside the Slammer Worm , 2003, IEEE Secur. Priv..

[11]  Dong Hwi Lee,et al.  A study on abnormal event correlation analysis for convergence security monitor , 2011, Cluster Computing.

[12]  Yan Ma,et al.  Modeling and analysis of Internet worm propagation , 2010 .

[13]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[14]  Zhi-Hong Guan,et al.  Impulsive control of the spread of worms with nonlinear incidence rates , 2010, 2010 Chinese Control and Decision Conference.

[15]  Yu Yao,et al.  The Worm Propagation Model with Pulse Quarantine Strategy , 2010, 2010 International Conference on Multimedia Information Networking and Security.

[16]  Panayiotis Kotzanikolaou,et al.  Toward early warning against Internet worms based on critical-sized networks , 2013, Secur. Commun. Networks.

[17]  Dong Xuan,et al.  Peer-to-peer system-based active worm attacks: modeling and analysis , 2005, IEEE International Conference on Communications, 2005. ICC 2005. 2005.

[18]  Peter Szor,et al.  The Art of Computer Virus Research and Defense , 2005 .

[19]  Roumen Anguelov,et al.  Hausdorff Continuous Interval Functions and Approximations , 2014, SCAN.

[20]  Svetoslav Markov,et al.  On the Hausdorff distance between the Heaviside step function and Verhulst logistic function , 2015, Journal of Mathematical Chemistry.

[21]  Donald F. Towsley,et al.  The monitoring and early detection of Internet worms , 2005, IEEE/ACM Transactions on Networking.

[22]  Wei Sheng-jun,et al.  Modeling and Analyzing the Spread of Worms with Bilinear Incidence Rate , 2009 .

[23]  Roberto Uribeetxeberria,et al.  A data mining approach for analysis of worm activity through automatic signature generation , 2008, AISec '08.

[24]  Lei Wu,et al.  Honeypot detection in advanced botnet attacks , 2010, Int. J. Inf. Comput. Secur..

[26]  Lucian C. Coroianu,et al.  The max-product generalized sampling operators: convergence and quantitative estimates , 2019, Appl. Math. Comput..

[27]  Junhua Chen,et al.  Modeling and Analyzing the Spread of Worms with Bilinear Incidence Rate , 2009, 2009 Fifth International Conference on Information Assurance and Security.

[28]  Ma Yan,et al.  A survey of internet worm propagation models , 2009, 2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology.

[29]  Zhang Wei,et al.  The study of network worm propagation simulation , 2010, 2010 International Conference on Computer Application and System Modeling (ICCASM 2010).

[30]  Donald F. Towsley,et al.  Code red worm propagation modeling and analysis , 2002, CCS '02.

[31]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[32]  Anmol Misra Android (in) Security , 2013 .

[33]  Xuesong Wang,et al.  Modeling Propagation of Active P2P Worm in Chord Network , 2011, ICFCE.

[34]  Sulaiman Mohd Nor,et al.  Analysis of internet malware propagation models and mitigation strategies , 2012 .

[35]  Donald F. Towsley,et al.  On the performance of Internet worm scanning strategies , 2006, Perform. Evaluation.

[36]  Shouhuai Xu,et al.  Push- and pull-based epidemic spreading in networks: Thresholds and deeper insights , 2012, TAAS.

[37]  Qifeng Liu,et al.  A novel model for the internet worm propagation , 2010, 2010 Sixth International Conference on Natural Computation.

[38]  Saurabh Bagchi,et al.  Modeling and automated containment of worms , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[39]  Donald F. Towsley,et al.  Worm propagation modeling and analysis under dynamic quarantine defense , 2003, WORM '03.

[40]  Juan Zhang,et al.  The Dynamical Modeling Analysis of the Spreading of Passive Worms in P2P Networks , 2018 .

[41]  Bander Ali Saleh Al-rimy,et al.  Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions , 2018, Comput. Secur..

[42]  David Moore,et al.  The Spread of the Witty Worm , 2004, IEEE Secur. Priv..

[43]  James A. Jerkins,et al.  Mitigating IoT insecurity with inoculation epidemics , 2018, ACM Southeast Regional Conference.

[44]  D. Costarelli,et al.  Constructive Approximation by Superposition of Sigmoidal Functions , 2013 .

[45]  Francesco Palmieri,et al.  Containing large-scale worm spreading in the Internet by cooperative distribution of traffic filtering policies , 2008, Comput. Secur..

[46]  Mark A. Lewis,et al.  Growth and diffusion phenomena: Mathematical frameworks and applications , 1996 .

[47]  Tao Li,et al.  The stability of a worm propagation model with time delay on homogeneous networks , 2010, 2010 International Conference on Intelligent Control and Information Processing.

[48]  Antonio Pescapè,et al.  Analysis of a "/0" stealth scan from a botnet , 2015, TNET.

[49]  Michel van Eeten,et al.  Post-Mortem of a Zombie: Conficker Cleanup After Six Years , 2015, USENIX Security Symposium.

[50]  Min Chen,et al.  Hyper-Compact Virtual Estimators for Big Network Data Based on Register Sharing , 2015, SIGMETRICS.

[51]  Qiming Liu,et al.  Modelling and Analysis of an SIRS Model for Worm Propagation , 2009, 2009 International Conference on Computational Intelligence and Security.