Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware

James Mitchell, Eamonn O'Neill, G Zyba, G M Voelker, M Liljenstam, A Mehes, P Johansson

Research output: Chapter in Book/Report/Conference proceedingChapter

1 Citation (Scopus)
67 Downloads (Pure)

Abstract

Patterns of human encounters, which are difficult to observe directly, are fundamental to the propagation of mobile malware aimed at infecting devices in spatial proximity. We investigate errors introduced by using scanners that detect the presence of devices on the assumption that device copresence at a scanner corresponds to a device encounter. We show in an ideal static model that only 59% of inferred encounters correspond to actual device copresence. To investigate the effects of mobility, we use a simulator to compare encounters between devices with those inferred by scanners. We show that the statistical properties of scanned encounters differ from actual device encounters in ways which impact malware propagation dynamics, a form of aggressive data dissemination. In addition to helping us understand the limitations of encounter data gathered by scanners in the field, our use of virtual scanners suggests a practical method for using these empirical datasets to better inform simulations of proximity malware outbreaks and similar data dissemination applications.
Original languageEnglish
Title of host publication2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012
PublisherIEEE
ISBN (Print)9781467302982
DOIs
Publication statusPublished - 2012

Fingerprint

Simulators
Malware

Cite this

Mitchell, J., O'Neill, E., Zyba, G., Voelker, G. M., Liljenstam, M., Mehes, A., & Johansson, P. (2012). Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware. In 2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012 IEEE. https://doi.org/10.1109/COMSNETS.2012.6151306

Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware. / Mitchell, James; O'Neill, Eamonn; Zyba, G; Voelker, G M; Liljenstam, M; Mehes, A; Johansson, P.

2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012. IEEE, 2012.

Research output: Chapter in Book/Report/Conference proceedingChapter

Mitchell, J, O'Neill, E, Zyba, G, Voelker, GM, Liljenstam, M, Mehes, A & Johansson, P 2012, Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware. in 2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012. IEEE. https://doi.org/10.1109/COMSNETS.2012.6151306
Mitchell J, O'Neill E, Zyba G, Voelker GM, Liljenstam M, Mehes A et al. Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware. In 2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012. IEEE. 2012 https://doi.org/10.1109/COMSNETS.2012.6151306
Mitchell, James ; O'Neill, Eamonn ; Zyba, G ; Voelker, G M ; Liljenstam, M ; Mehes, A ; Johansson, P. / Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware. 2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012. IEEE, 2012.
@inbook{a8081645cf3a4101822494fa2948ea77,
title = "Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware",
abstract = "Patterns of human encounters, which are difficult to observe directly, are fundamental to the propagation of mobile malware aimed at infecting devices in spatial proximity. We investigate errors introduced by using scanners that detect the presence of devices on the assumption that device copresence at a scanner corresponds to a device encounter. We show in an ideal static model that only 59{\%} of inferred encounters correspond to actual device copresence. To investigate the effects of mobility, we use a simulator to compare encounters between devices with those inferred by scanners. We show that the statistical properties of scanned encounters differ from actual device encounters in ways which impact malware propagation dynamics, a form of aggressive data dissemination. In addition to helping us understand the limitations of encounter data gathered by scanners in the field, our use of virtual scanners suggests a practical method for using these empirical datasets to better inform simulations of proximity malware outbreaks and similar data dissemination applications.",
author = "James Mitchell and Eamonn O'Neill and G Zyba and Voelker, {G M} and M Liljenstam and A Mehes and P Johansson",
year = "2012",
doi = "10.1109/COMSNETS.2012.6151306",
language = "English",
isbn = "9781467302982",
booktitle = "2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012",
publisher = "IEEE",
address = "USA United States",

}

TY - CHAP

T1 - Limitations of Scanned Human Copresence Encounters for Modelling Proximity-Borne Malware

AU - Mitchell, James

AU - O'Neill, Eamonn

AU - Zyba, G

AU - Voelker, G M

AU - Liljenstam, M

AU - Mehes, A

AU - Johansson, P

PY - 2012

Y1 - 2012

N2 - Patterns of human encounters, which are difficult to observe directly, are fundamental to the propagation of mobile malware aimed at infecting devices in spatial proximity. We investigate errors introduced by using scanners that detect the presence of devices on the assumption that device copresence at a scanner corresponds to a device encounter. We show in an ideal static model that only 59% of inferred encounters correspond to actual device copresence. To investigate the effects of mobility, we use a simulator to compare encounters between devices with those inferred by scanners. We show that the statistical properties of scanned encounters differ from actual device encounters in ways which impact malware propagation dynamics, a form of aggressive data dissemination. In addition to helping us understand the limitations of encounter data gathered by scanners in the field, our use of virtual scanners suggests a practical method for using these empirical datasets to better inform simulations of proximity malware outbreaks and similar data dissemination applications.

AB - Patterns of human encounters, which are difficult to observe directly, are fundamental to the propagation of mobile malware aimed at infecting devices in spatial proximity. We investigate errors introduced by using scanners that detect the presence of devices on the assumption that device copresence at a scanner corresponds to a device encounter. We show in an ideal static model that only 59% of inferred encounters correspond to actual device copresence. To investigate the effects of mobility, we use a simulator to compare encounters between devices with those inferred by scanners. We show that the statistical properties of scanned encounters differ from actual device encounters in ways which impact malware propagation dynamics, a form of aggressive data dissemination. In addition to helping us understand the limitations of encounter data gathered by scanners in the field, our use of virtual scanners suggests a practical method for using these empirical datasets to better inform simulations of proximity malware outbreaks and similar data dissemination applications.

UR - http://dx.doi.org/10.1109/COMSNETS.2012.6151306

U2 - 10.1109/COMSNETS.2012.6151306

DO - 10.1109/COMSNETS.2012.6151306

M3 - Chapter

SN - 9781467302982

BT - 2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012

PB - IEEE

ER -