White-Hat Worm to Fight Malware and Its Evaluation by Agent-Oriented Petri Nets †

A new kind of malware called Mirai is spreading like wildfire. Mirai is characterized by targeting Internet of Things (IoT) devices. Since IoT devices are increasing explosively, it is not realistic to manage their vulnerability by human-wave tactics. This paper proposes a new approach that uses a white-hat worm to fight malware. The white-hat worm is an extension of an IoT worm called Hajime and introduces lifespan and secondary infectivity (the ability to infect a device infected by Mirai). The proposed white-hat worm was expressed as a formal model with agent-oriented Petri nets called PN2. The model enables us to simulate a battle between the white-hat worm and Mirai. The result of the simulation evaluation shows that (i) the lifespan successfully reduces the worm’s remaining if short; (ii) if the worm has low secondary infectivity, its effect depends on the lifespan; and (iii) if the worm has high secondary infectivity, it is effective without depending on the lifespan.

[1]  Sasa Mrdovic,et al.  Analysis of Mirai malicious software , 2017, 2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM).

[2]  Xiaojiang Du,et al.  Adversarial Samples on Android Malware Detection Systems for IoT Systems , 2019, Sensors.

[3]  Shingo Yamaguchi,et al.  Modeling and Evaluation of Mitigation Methods against IoT Malware Mirai with Agent-Oriented Petri Net PN2 , 2019 .

[4]  Brij B. Gupta,et al.  Malware Threat in Internet of Things and Its Mitigation Analysis , 2021, Research Anthology on Combating Denial-of-Service Attacks.

[5]  Iván García-Magariño,et al.  ABS-TrustSDN: An Agent-Based Simulator of Trust Strategies in Software-Defined Networks , 2017, Secur. Commun. Networks.

[6]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[7]  Shingo Yamaguchi,et al.  Quantitative Evaluation of Hajime with Secondary Infectivity in Response to Mirai's Infection Situation , 2019, 2019 IEEE 8th Global Conference on Consumer Electronics (GCCE).

[8]  Koji Nakao Proactive cyber security response by utilizing passive monitoring technologies , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[9]  Iván García-Magariño,et al.  PEABS: A Process for developing Efficient Agent-Based Simulators , 2015, Eng. Appl. Artif. Intell..

[10]  Shingo Yamaguchi,et al.  A support tool to design IoT services with NuSMV , 2017, 2017 IEEE International Conference on Consumer Electronics (ICCE).

[11]  Shingo Yamaguchi,et al.  Botnet Defense System: Concept and Basic Strategy , 2020, 2020 IEEE International Conference on Consumer Electronics (ICCE).

[12]  Mason J. Molesky,et al.  Internet of Things: An Analysis and Proposal of White Worm Technology , 2019, 2019 IEEE International Conference on Consumer Electronics (ICCE).

[13]  Victor Guilherme Turrisi da Costa,et al.  IoTDS: A One-Class Classification Approach to Detect Botnets in Internet of Things Devices , 2019, Sensors.

[14]  Qi-Wei Ge,et al.  Introduction of Petri Nets: Its Applications and Security Challenges , 2016 .

[15]  Lisandro Zambenedetti Granville,et al.  Improving IoT Botnet Investigation Using an Adaptive Network Layer , 2019, Sensors.

[16]  Kunihiko Hiraishi,et al.  A Petri-net-based model for the mathematical analysis of multi-agent systems , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[17]  Hiroaki Tanaka,et al.  On modeling and simulation of the behavior of IoT malwares Mirai and Hajime , 2017, 2017 IEEE International Symposium on Consumer Electronics (ISCE).