network malware simulation

Jing Conan Wang

Abstract

In one of my previous open source projects, SADIT, I implemented an abnormal traffic generator based on two simple models. For the GSoC project, I would like to extend the ideas of SADIT, making it more similar to real-world malware network behavior.

Additional Information

Student: Jing Conan Wang
Primary mentor: Hugo Gonzalez
Backup mentor: Jianwei Zhuge

Google Melange: http://www.google-melange.com/gsoc/project/google/gsoc2012/jingconanwang/17001

Project Overview:
The software runs on top of ns-3. It supports both simulation and emulation. We will focus on ns-3. I have some experience with ns-2, but ns-3 has made a lot of changes, so I need some time to get familiar with it.
We will focus on two types of malware behaviour: botnet and worm.
By the end of the summer, we should have software that can:
1. simulate the attack traffic generated by a botnet.
2. simulate the behaviour of worm infection in the network.
From May 21st to the Mid Term Assessments, I will focus on botnets, and after that I will focus on worms.

Project Plan:

My planned timeline is as follows:
April 23rd - May 20th: Community Bonding Period
  literature review of malware network behaviour
  get familiar with ns-3
May 21st: GSoC 2012 coding officially starts
May 26 - June 5: Design the general structure for the simulator.
June 5 - July 8: Implement the part for botnets
  By July 8, we should have:
    software that works and can both simulate & emulate the behaviour of botnets.
    done some experiments using the software and finished a report about the results.
  June 5 - June 20: Work on the simulation part
  June 21 - June 30: Work on the emulation part
  July 1 - July 8: Write testbed and get some results
July 9th - July 13th: Mid Term Assessments
July 14th - August 12th: Implement the part for worms
  By August 12th, we should have finished most parts of the software.
    The software should also be able to simulate & emulate the behaviour of worms.
    We should have done some experiments on worms using this software and finished a report.
  July 14 - July 25: Simulation part
  July 25 - Aug 5: Emulation part
  Aug 5 - Aug 13: Write testbed and do some experiments
August 13th: Suggested "pencils down" date, coding close to done
August 14 - August 19: Refactoring the code.
August 20th: Firm "pencils down" date, coding must be done
August 24th - August 27th: Final Assessments
August 31st: Public code uploaded and available to Google

Code samples