Open AccessMalware Classification for Cyber Physical System (CPS) based on Phylogenetics
Author(s) -
Madihah Mohd Saudi,
Sazali Sukardi,
Noor Sa ida Nafisah Mohd Aziz,
Aminah Ahmad,
Muhammad Afif Husainiamer
Publication year - 2019
Publication title -
international journal of engineering and advanced technology
Language(s) - English
Resource type - Journals
ISSN - 2249-8958
DOI - 10.35940/ijeat.a2711.109119
Subject(s) - malware , computer security , government (linguistics) , computer science , cyber physical system , damages , political science , philosophy , linguistics , law , operating system
Nowadays, the sectors most commonly targeted by malwares across the world are manufacturing, oil and gas, and education. Malwares such as BlackEnergy2 and Triton have the ability to cause severe, life-threatening damages to an organization and critical infrastructure systems such as oil and gas. Security researchers and practitioners are looking for efficient solutions to mitigate such malware attacks. Therefore, this paper presents a malware cyber physical system (CPS) classification to detect attacks. This classification is inspired by phylogenetics, borrowed from the biological area in terms of evolutionary relationships among biological organisms. As for the cyber security perspective, it discovers the evolution ancestry of malware genes. This malware classification approach includes malware behavior, mode of attack and connected assets in the network. It can detect numerous forms of malware attacks based on correlation. The research is beneficial for CPS developers, suppliers and contractors, government agencies which regulate and govern utility operations, and the National Cyber Security Center (NCSC) which is responsible for protecting CPS.