Malware Classification for Cyber Physical System (CPS) based on Phylogenetics
Madihah Mohd Saudi1, Sazali Sukardi2, Noor Azwa Azreen Abd Aziz3, Azuan Ahmad4, Muhammad ‘Afif Husainiamer5
1Madihah Mohd Saudi*, Cyber Security & Systems Research Unit, Islamic Science Institute, University Sains Islam Malaysia, Nilai, Malaysia.
2Sazali Sukardi, Cyber Security Malaysia, Cyberjaya, Malaysia.
3Noor Azwa Azreen Abd Aziz, Cyber Security Malaysia, Cyberjaya, Malaysia.
4Azuan Ahmad, Cyber Security & Systems Research Unit, Islamic Science Institute, University Sains Islam Malaysia, Nilai, Malaysia.
5Muhammad ‘Afif Husainiamer, Cyber Security & Systems Research Unit, Islamic Science Institute, University Sains Islam Malaysia, Nilai, Malaysia.
Manuscript received on September 01, 2019. | Revised Manuscript received on September 22, 2019. | Manuscript published on October 30, 2019. | PP: 3666-3670 | Volume-9 Issue-1, October 2019 | Retrieval Number: A2711109119/2019©BEIESP | DOI: 10.35940/ijeat.A2711.109119
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Nowadays, the sectors most commonly targeted by malwares across the world are manufacturing, oil and gas, and education. Malwares such as BlackEnergy2 and Triton have the ability to cause severe, life-threatening damages to an organization and critical infrastructure systems such as oil and gas. Security researchers and practitioners are looking for efficient solutions to mitigate such malware attacks. Therefore, this paper presents a malware cyber physical system (CPS) classification to detect attacks. This classification is inspired by phylogenetics, borrowed from the biological area in terms of evolutionary relationships among biological organisms. As for the cyber security perspective, it discovers the evolution ancestry of malware genes. This malware classification approach includes malware behavior, mode of attack and connected assets in the network. It can detect numerous forms of malware attacks based on correlation. The research is beneficial for CPS developers, suppliers and contractors, government agencies which regulate and govern utility operations, and the National Cyber Security Center (NCSC) which is responsible for protecting CPS.
Keywords: Cyber Physical System (CPS), Malware Attacks, Malware Classification, Phylogenetic.