Neural Swarm Virus

Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1092)


The dramatic improvements in computational intelligence techniques over recent years have influenced many domains. Hence, it is reasonable to expect that virus writers will taking advantage of these techniques to defeat existing security solution. In this article, we outline a possible dynamic swarm smart malware, its structure, and functionality as a background for the forthcoming anti-malware solution. We propose how to record and visualize the behavior of the virus when it propagates through the file system. Neural swarm virus prototype, designed here, simulates the swarm system behavior and integrates the neural network to operate more efficiently. The virus’s behavioral information is stored and displayed as a complex network to reflect the communication and behavior of the swarm. In this complex network, every vertex is then individual virus instances. Additionally, the virus instances can use certain properties associated with the network structure to discovering target and executing a payload on the right object.


Swarm virus Swarm intelligence Neural network Malware Computer virus Security 



The following grants are acknowledged for the financial support provided for this research: Grant of SGS No. SP2019/137, VSB Technical University of Ostrava. This work was also supported by the Ministry of Education, Youth and Sports of the Czech Republic within the National Sustainability Programme Project no. LO1303 (MSMT-7778/2014), further by the European Regional Development Fund under the Project CEBIA-Tech no. CZ.1.05/2.1.00/03.0089.


  1. 1.
    Anderson, H.S., Kharkar, A., Filar, B., Evans, D., Roth, P.: Learning to evade static PE machine learning malware models via reinforcement learning. arXiv:1801.08917 (2018)
  2. 2.
    Anderson, H.S., Kharkar, A., Filar, B., Roth, P.: Evading machine learning malware detection. Black Hat (2017)Google Scholar
  3. 3.
    Anderson, H.S., Woodbridge, J., Filar, B.: DeepDGA: adversarially-tuned domain generation and detection. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, pp. 13–21. ACM (2016)Google Scholar
  4. 4.
    Aycock, J.: Computer Viruses and Malware, vol. 22. Springer, Heidelberg (2006). Scholar
  5. 5.
    Bianconi, G., Darst, R.K., Iacovacci, J., Fortunato, S.: Triadic closure as a basic generating mechanism of communities in complex networks. Phys. Rev. E 90(4), 042806 (2014)CrossRefGoogle Scholar
  6. 6.
    Bonabeau, E., Dorigo, M., Theraulaz, G.: Swarm Intelligence: From Natural to Artificial Systems. No. 1. Oxford University Press, Oxford (1999)zbMATHGoogle Scholar
  7. 7.
    Brundage, M., et al.: The malicious use of artificial intelligence: forecasting, prevention, and mitigation. arXiv preprint arXiv:1802.07228 (2018)
  8. 8.
    Cani, A., Gaudesi, M., Sanchez, E., Squillero, G., Tonda, A.P.: Towards automated malware creation: code generation and code integration. In: SAC, pp. 157–160 (2014)Google Scholar
  9. 9.
    Cohen, F.: Computer viruses: theory and experiments. Comput. Secur. 6(1), 22–35 (1987)CrossRefGoogle Scholar
  10. 10.
    Zelinka, I.: SOMA—self-organizing migrating algorithm. In: Davendra, D., Zelinka, I. (eds.) Self-Organizing Migrating Algorithm. SCI, vol. 626, pp. 3–49. Springer, Cham (2016). CrossRefzbMATHGoogle Scholar
  11. 11.
    Dorigo, M., Birattari, M.: Ant colony optimization. In: Sammut, C., Webb, G.I. (eds.) Encyclopedia of Machine Learning. Springer, Boston (2011). Scholar
  12. 12.
    Eberhart, R., Kennedy, J.: A new optimizer using particle swarm theory. In: Proceedings of the Sixth International Symposium on Micro Machine and Human Science, MHS 1995, pp. 39–43. IEEE (1995)Google Scholar
  13. 13.
    Filiol, E.: Strong cryptography armoured computer viruses forbidding code analysis: the Bradley virus. Ph.D. thesis, INRIA (2004)Google Scholar
  14. 14.
    Filiol, E.: Computer Viruses: From Theory to Applications. Springer, Heidelberg (2006). Scholar
  15. 15.
    Geigel, A.: Neural network Trojan. J. Comput. Secur. 21(2), 191–232 (2013)CrossRefGoogle Scholar
  16. 16.
    Geigel, A.: Unsupervised learning Trojan. Ph.D. thesis, Nova Southeastern University (2014)Google Scholar
  17. 17.
    Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435 (2016)
  18. 18.
    Hu, W., Tan, Y.: Generating adversarial malware examples for black-box attacks based on GAN. arXiv preprint arXiv:1702.05983 (2017)
  19. 19.
    Kennedy, J.: Swarm intelligence. In: Zomaya, A.Y. (ed.) Handbook of Nature-Inspired and Innovative Computing, pp. 187–219. Springer, Boston (2006). Scholar
  20. 20.
    Kudo, T., Kimura, T., Inoue, Y., Aman, H., Hirata, K.: Behavior analysis of self-evolving botnets. In: 2016 International Conference on Computer, Information and Telecommunication Systems (CITS), pp. 1–5. IEEE (2016)Google Scholar
  21. 21.
    Kudo, T., Kimura, T., Inoue, Y., Aman, H., Hirata, K.: Stochastic modeling of self-evolving botnets with vulnerability discovery. Comput. Commun. 124, 101–110 (2018)CrossRefGoogle Scholar
  22. 22.
    Kushner, D.: The real story of stuxnet. IEEE Spectr. 3(50), 48–53 (2013)CrossRefGoogle Scholar
  23. 23.
    Lazfi, S., Lamzabi, S., Rachadi, A., Ez-Zahraouy, H.: The impact of neighboring infection on the computer virus spread in packets on scale-free networks. Int. J. Mod. Phys. B 31(30), 1750228 (2017)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Meng, G., et al.: Mystique: evolving android malware for auditing anti-malware tools. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 365–376. ACM (2016)Google Scholar
  25. 25.
    Noreen, S., Murtaza, S., Shafiq, M.Z., Farooq, M.: Evolvable malware. In: Proceedings of the 11th Annual Conference on Genetic and Evolutionary Computation, pp. 1569–1576. ACM (2009)Google Scholar
  26. 26.
    Pan, W., Jin, Z.: Edge-based modeling of computer virus contagion on a tripartite graph. Appl. Math. Comput. 320, 282–291 (2018)MathSciNetzbMATHGoogle Scholar
  27. 27.
    Parsaei, M.R., Javidan, R., Kargar, N.S., Nik, H.S.: On the global stability of an epidemic model of computer viruses. Theory Biosci. 136(3–4), 169–178 (2017)CrossRefGoogle Scholar
  28. 28.
    Prasse, P., Machlica, L., Pevný, T., Havelka, J., Scheffer, T.: Malware detection by analysing encrypted network traffic with neural networks. In: Ceci, M., Hollmén, J., Todorovski, L., Vens, C., Džeroski, S. (eds.) ECML PKDD 2017. LNCS (LNAI), vol. 10535, pp. 73–88. Springer, Cham (2017). Scholar
  29. 29.
    Rad, B.B., Masrom, M., Ibrahim, S.: Camouflage in malware: from encryption to metamorphism. Int. J. Comput. Sci. Netw. Secur. 12(8), 74–83 (2012)Google Scholar
  30. 30.
    Ren, J., Xu, Y.: A compartmental model for computer virus propagation with kill signals. Phys. A 486, 446–454 (2017)MathSciNetCrossRefGoogle Scholar
  31. 31.
    Singh, J., Kumar, D., Hammouch, Z., Atangana, A.: A fractional epidemiological model for computer viruses pertaining to a new fractional derivative. Appl. Math. Comput. 316, 504–515 (2018)MathSciNetzbMATHGoogle Scholar
  32. 32.
    Spafford, E.H.: Computer viruses as artificial life. Artif. Life 1(3), 249–265 (1994)CrossRefGoogle Scholar
  33. 33.
    Szor, P.: The Art of Computer Virus Research and Defense. Pearson Education, London (2005)Google Scholar
  34. 34.
    Whitley, D.: A genetic algorithm tutorial. Stat. Comput. 4(2), 65–85 (1994)CrossRefGoogle Scholar
  35. 35.
    Xu, W., Qi, Y., Evans, D.: Automatically evading classifiers. In: Proceedings of the 2016 Network and Distributed Systems Symposium, pp. 21–24 (2016)Google Scholar
  36. 36.
    Zelinka, I.: SOMA - self organizing migrating algorithm. In: Onwubolu, G.C., Babu, B.V. (eds.) New Optimization Techniques in Engineering. STUDFUZZ, vol. 141, pp. 167–217. Springer, Heidelberg (2004). Scholar
  37. 37.
    Zelinka, I., Chen, G.: Evolutionary Algorithms, Swarm Dynamics and Complex Networks: Methodology, Perspectives and Implementation, vol. 26. Springer, Heidelberg (2017). Scholar
  38. 38.
    Zelinka, I., Das, S., Sikora, L., Šenkeřík, R.: Swarm virus - next-generation virus and antivirus paradigm? Swarm Evol. Comput. 43, 207–224 (2018)CrossRefGoogle Scholar
  39. 39.
    Zelinka, I., Jouni, L.: Soma - self-organizing migrating algorithm. In: Mendel 2000, 6th International Conference on Soft Computing, Brno, Czech Republic, pp. 177–187 (2000)Google Scholar
  40. 40.
    Zhang, X., Gan, C.: Global attractivity and optimal dynamic countermeasure of a virus propagation model in complex networks. Phys. A 490, 1004–1018 (2018)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Faculty of Electrical Engineering and Computer ScienceVSB-Technical University of OstravaOstrava-PorubaCzech Republic
  2. 2.Faculty of Applied InformaticsTomas Bata University in ZlinZlinCzech Republic

Personalised recommendations