Thursday, January 10, 2008

Project Proposal

My idea for the term project takes cues from XKCD (a webcomic) and involves simulating the spread of computer viruses through a network of computers. The simulation would be turn-based, in the sense that for every period of time, each animate object would be allotted one action.


Each simulated computer would be assigned a unique IP address and would be able to exchange email, execute email attachments, visit a selection of simulated websites, and download files from them. Individual computers would also need to have their own email addresses and address books, containing the addresses of a random selection of other computers on the network.


Some machines would act as clients, with only one connection to the rest of the network, and others would be servers, which would have many connections. The computers would have antivirus and firewalls (though not all of them would have these security features enabled) and they would also either be up to date with the latest security patches and virus updates or not be up to date.


I envision three to four types of viruses existing in this simulation, but there is room for more if I can think of how to implement them. E-mail Trojans would e-mail themselves around the network to single or multiple recipients, who would be infected if they executed the attachments. Worms would scan the network for open ports on computers that do not have the latest security updates. Some of the viruses would be able to defeat antivirus software and disable firewalls, and others would simply take down machines. Resident Viruses would embed themselves in files that would be downloaded from the 'internet' by the computers and would infect them upon being executed. Malicious code could also exist on websites, mimicking some of the nasty ActiveX scripts that exist on the real internet.


For the simulated web-browsing to work, there would need to be a list of available websites, some of which would contain malicious code, and others would be clean. If a computer is browsing the web, it has a chance of downloading a file from the website, which may or may not be infected.


Antivirus software would be able to scan the computers for viruses and then attempt to remove any that they find. The viruses would all have a creation date, and each instance of the antivirus software would contain a variable storing the date of the most recent virus definition update. These two dates would be compared in order to decide whether or not the antivirus software would be able to remove the viruses.
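A minimal sketch of this date comparison inside the turn-based model, added here as an illustration and not code from the project. The class names, the choice of "update definitions" or "scan" as the single action per turn, and the sample dates are all assumptions.

```python
from dataclasses import dataclass, field
from datetime import date

@dataclass(frozen=True)
class Virus:
    name: str
    created: date            # creation date of this virus

@dataclass
class Antivirus:
    definitions: date        # date of the most recent definition update
    enabled: bool = True     # a virus action could switch this off

    def can_remove(self, virus: Virus) -> bool:
        # Assumption: definitions cover every virus created on or before
        # the last update; a disabled scanner removes nothing.
        return self.enabled and virus.created <= self.definitions

    def scan(self, infections):
        """One scan action: return (removed, remaining)."""
        removed = [v for v in infections if self.can_remove(v)]
        remaining = [v for v in infections if not self.can_remove(v)]
        return removed, remaining

@dataclass
class Computer:
    ip: str
    antivirus: Antivirus
    infections: list = field(default_factory=list)

    def take_turn(self, today: date, update: bool):
        """One turn, one action: update definitions or scan."""
        if update:
            self.antivirus.definitions = today
            return []
        removed, self.infections = self.antivirus.scan(self.infections)
        return removed

def run_demo():
    # Constructed sample data: one virus older than the definitions, one newer.
    old = Virus("old-trojan", date(2007, 11, 1))
    new = Virus("new-worm", date(2008, 1, 5))
    pc = Computer("10.0.0.2", Antivirus(date(2007, 12, 1)), [old, new])
    today = date(2008, 1, 10)
    log = [[v.name for v in pc.take_turn(today, update=u)]
           for u in (False, True, False)]   # scan, update, scan
    return log, pc.infections

if __name__ == "__main__":
    print(run_demo())
```

The first scan removes only the older virus; the newer one survives until the machine spends a turn updating its definitions, which is the window in which it could keep spreading.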


The animate objects would obviously be the active viruses, since they would move about. The resident viruses and malicious web code would be inactive because the computer would have to perform an action on them in order to be infected. The computers could also be considered active, since they will send emails and browse the web without necessarily being infected. Antivirus software would be able to scan for viruses and then remove them if any were found. This makes it a reactive inanimate, since the antivirus software won't be moving around.


The hierarchies in this project would consist of:

Animates:

- Computers

- Worms

- Email Trojans


Inanimates:

- Firewalls

- Antivirus

- Resident Viruses

- Malicious Web Code


Locations:

- Each simulated machine would be its own location


Actions:

Computers - visit website, download file, send email, read email, execute email attachment

General Virus Actions - infect, disable antivirus, disable firewall, disable automatic updates

Worms - scan ports, exploit security hole

Email Trojans - get contents of email address book, propagate through email, format c:/

Antivirus - update definitions, scan computer, remove/quarantine virus

Resident Viruses and Malicious web code - infect computer when file is opened or website is visited

3 comments:

Unknown said...

Good space to explore your ideas.

You'll need some Location hierarchy of sorts, not just one type of Location. Domains, perhaps?

thomas.chen said...

Hi Josh,

Your idea is great, and the description of the four hierarchies is a bit simple. Maybe you can write that from your thoughts above, and that may help you to organize your classes more clearly. Then, maybe you can find a way to build more detailed hierarchy trees of certain groups of objects, with some relationships such as inheritance.

Chen Wei

Josh Yaganeh said...
This comment has been removed by the author.