The ecology of malware

Jedidiah R. Crandall, Roya Ensafi, Stephanie Forrest, Joshua Ladau, Bilal Shebaro

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Scopus citations


The fight against malicious software (or malware, which includes everything from worms to viruses to botnets) is often viewed as an "arms race." Conventional wisdom is that we must continually "raise the bar" for the malware creators. However, the multitude of malware has itself evolved into a complex environment, and properties not unlike those of ecological systems have begun to emerge. This may include competition between malware, facilitation, parasitism, predation, and density-dependent population regulation. Ecological principles will likely be useful for understanding the effects of these ecological interactions, for example, carrying capacity, species-time and species-area relationships, the unified neutral theory of biodiversity, and the theory of island bio-geography. The emerging malware ecology can be viewed as a critical challenge to all aspects of malware defense, including collection, triage, analysis, intelligence estimates, detection, mitigation, and forensics. It can also be viewed as an opportunity. In this position paper, we argue that taking an ecological approach to malware defense will suggest new defenses. In particular, we can exploit the fact that interactions of malware with its environment, and with other malware, are neither fully predictable nor fully controllable by the malware author - yet the emergent behavior will follow general ecological principles that can be exploited for malware defense.

Original languageEnglish (US)
Title of host publicationProceedings - New Security Paradigms Workshop 2008, NSPW '08
Number of pages8
StatePublished - 2009
Externally publishedYes
EventNew Security Paradigms Workshop 2008, NSPW '08 - Lake Tahoe, CA, United States
Duration: Sep 22 2008Sep 25 2008

Publication series

NameProceedings New Security Paradigms Workshop


OtherNew Security Paradigms Workshop 2008, NSPW '08
Country/TerritoryUnited States
CityLake Tahoe, CA


  • Botnets
  • Malware analysis
  • Malware ecology
  • Viruses
  • Worms

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Software
  • Information Systems


Dive into the research topics of 'The ecology of malware'. Together they form a unique fingerprint.

Cite this