Volume 10 Issue 4
Detection and Modeling of Cyber Attacks with Petri Nets
Bartosz Jasiul, Marcin Szpyrka and Joanna Śliwa
1C4I Systems’ Department, Military Communication Institute, ul. Warszawska 22A, 05-130 Zegrze, Poland
2Department of Applied Computer Science, AGH University of Science and Technology, al. Mickiewicza 30, 30-059 Krakow, Poland
*
Author to whom correspondence should be addressed
Abstract
The aim of this article is to present an approach to develop and verify a method of formal modeling of cyber threats directed at computer systems. Moreover, the goal is to prove that the method enables one to create models resembling the behavior of malware that support the detection process of selected cyber attacks and facilitate the application of countermeasures. The most common cyber threats targeting end users and terminals are caused by malicious software, called malware. The malware detection process can be performed either by matching their digital signatures or analyzing their behavioral models. As the obfuscation techniques make the malware almost undetectable, the classic signature-based anti-virus tools must be supported with behavioral analysis. The proposed approach to modeling of malware behavior is based on colored Petri nets. This article is addressed to cyber defense researchers, security architects and developers solving up-to-date problems regarding the detection and prevention of advanced persistent threats.
Keywords:malware; cyber attack; colored Petri net; malware detection; behavioral analysis