Accession Number:

AD1013112

Title:

IAPD: Integrated Adaptive and Proactive Defense against Stealthy Botnets

Descriptive Note:

Technical Report,01 Mar 2009,30 Nov 2012

Corporate Author:

University of Texas at San Antonio San Antonio United States

Personal Author(s):

• Xu,Shouhuai

Report Date:

2012-12-28

Pagination or Media Count:

301.0

Abstract:

This project studies how to combat stealthy botnets and malwares by exploring a novel framework called IAPD, which stands for Integrated Adaptive and Proactive Defenses. To achieve the goal, we take a systems-and-theory methodology, meaning that on one hand, we want to build systems that can deal with stealthy attacks, and on the other hand, we want to build a theoretical and foundational understanding of botnets. Such a theoretical understanding allows us to pave the way for achieving principled modeling, management, and decision-making in cyber defense. For systems research, we have built a real-life malware behavior system called Online Malware Analysis System OMAS, which is under significant further enhancements in design and implementation towards a practical tool. For theoretical research, we have been building mathematical models for understanding and reasoning the attack-defense interactions in cyberspace.

Descriptors:

• malware
• computer viruses
• computer network security
• intrusion detection (computers)
• computer program reliability
• supervised machine learning
• computer program documentation
• electronic mail
• internet
• cyberattacks
• communication channels
• web browsers

Subject Categories:

Distribution Statement:

APPROVED FOR PUBLIC RELEASE