2026-05-14T10:53:13Z https://ipsj.ixsq.nii.ac.jp/oai

oai:ipsj.ixsq.nii.ac.jp:00225368 2025-01-19T12:49:59Z 581:11107:11112

Simulating and Estimating the Effectiveness of Security Notification by ISP to Malware-Infected Users Simulating and Estimating the Effectiveness of Security Notification by ISP to Malware-Infected Users Xuping, Huang Shunsuke, Mochizuki Akira, Fujita Katsunari, Yoshioka Xuping, Huang Shunsuke, Mochizuki Akira, Fujita Katsunari, Yoshioka [特集:本格的なDXを支えるためのインターネットと運用技術] security notification, IoT malware infection, simulation, ISP In recent years, malware-infected devices, such as Mirai, have been used to conduct impactful attacks like massive DDoS attacks. Internet Service Providers (ISPs) respond by sending security notifications to infected users, instructing them to remove the malware; however, there are no approaches to quantify or simulate the performance and effectiveness of the notification activities. In this paper, we propose a model of security notification by ISPs. In the proposed model, we simulate the security notification with composite parameters, indicating the nature of malware attacks such as persistence of malware, user response ratio, and notification efforts by ISPs, and then discuss their effectiveness. Moreover, we conduct a simulation based on the actual attack. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.31(2023) (online) DOI　http://dx.doi.org/10.2197/ipsjjip.31.165 ------------------------------ In recent years, malware-infected devices, such as Mirai, have been used to conduct impactful attacks like massive DDoS attacks. Internet Service Providers (ISPs) respond by sending security notifications to infected users, instructing them to remove the malware; however, there are no approaches to quantify or simulate the performance and effectiveness of the notification activities. In this paper, we propose a model of security notification by ISPs. In the proposed model, we simulate the security notification with composite parameters, indicating the nature of malware attacks such as persistence of malware, user response ratio, and notification efforts by ISPs, and then discuss their effectiveness. Moreover, we conduct a simulation based on the actual attack. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.31(2023) (online) DOI　http://dx.doi.org/10.2197/ipsjjip.31.165 ------------------------------ 情報処理学会 2023-03-15 eng journal article https://ipsj.ixsq.nii.ac.jp/records/225368 1882-7764 AN00116647 情報処理学会論文誌 64 3 https://ipsj.ixsq.nii.ac.jp/record/225368/files/IPSJ-JNL6403006.pdf application/pdf 2.5 MB 2025-03-15