Malware continues to pose one of the gravest threats to the Internet. While existing research efforts are producing promising defenses to counter today's threats, the landscape is rapidly changing as attackers become increasingly savvy. In this project, rather than blindly following the current practice in which defenses trail malware advances, we apply a first-principles approach to Internet infection. Specifically, we explore a wide range of networked systems, including corporate networks and emerging wireless and mobile networks, and examine a list of potentially crippling attack strategies against these networks. The attacks we explore are faster, stealthier, or more virulent than current infection strategies. Moreover, they all share the characteristic of overwhelming existing defenses. The goals of this project are to develop analytical models that capture the unique behavior of such malware, and to use these models to gain a better understanding of emerging threats. Armed with this knowledge, we explore novel defenses that include camouflaged responders resilient to evasive attacks and distributed mobile network monitors capable of tracking mobile infections. We fully anticipate that results from this research will provide guidelines on how to secure future network architectures against emerging threats.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Network Systems (CNS)
Application #
0627611
Program Officer
Carl Landwehr
Project Start
Project End
Budget Start
2006-08-15
Budget End
2010-07-31
Support Year
Fiscal Year
2006
Total Cost
$350,000
Indirect Cost
Name
Johns Hopkins University
Department
Type
DUNS #
City
Baltimore
State
MD
Country
United States
Zip Code
21218