Taxonomy and Simulation of Bio-Analogous Multi-Stage Cyberattacks

Shaher Suleman Slehat; Esraa Abu Elsoud; Layla Albdour; Esra'a Alhenawi; Malek Mahmoud Barhoush

doi:10.48084/etasr.16605

Authors

Shaher Suleman Slehat Department of Basic Sciences (Humanities and Natural Sciences), Al-Zaytoonah University of Jordan, Amman, Jordan https://orcid.org/0000-0001-7427-6868
Esraa Abu Elsoud Cybersecurity and Cloud Computing Department, Faculty of Information Technology, Applied Science Private University, Amman, Jordan
Layla Albdour Cyber Security Department, Al-Zaytoonah University of Jordan, Amman, Jordan
Esra'a Alhenawi Department of Information Systems, Al al-Bayt University, Mafraq, Jordan
Malek Mahmoud Barhoush Cybersecurity Program, IT Department, IT&CS Faculty, Yarmouk University, Irbid, Jordan https://orcid.org/0000-0002-1146-7293

Volume: 16 | Issue: 3 | Pages: 35085-35093 | June 2026 | https://doi.org/10.48084/etasr.16605

Received: 29 November 2025 | Revised: 18 February 2026, 7 March 2026, and 21 March 2026 | Accepted: 23 March 2026 | Online: 15 April 2026

Corresponding author: Malek Mahmoud Barhoush

Abstract

Today, bio-inspired approaches in cybersecurity represent an active research area in the literature, as these approaches offer adaptability, learning, and robustness to face modern, evolving cyber threats. Traditional Intrusion Detection Systems (IDSs) are increasingly proficient at identifying isolated malicious events, yet they remain vulnerable to coordinated, multi-stage deception that mimics biological social structures. The primary gap in current literature is a lack of formal frameworks that map complex predator-prey dynamics, such as distraction-based deception and fission–fusion coordination, to modern network attack vectors. To address this, we propose a novel taxonomy and realistic discrete-event simulation framework for bio-analogous cyberattacks based on two natural archetypes: the Crow, representing sophisticated deception and decoy-based exfiltration, and the Wild Dog, representing decentralized coordination and sequential hunting. Leveraging the OMNeT++/INET framework and an enterprise-inspired network topology, we emulate how biological perseverance and role-division can be mapped to advanced multi-vector intrusions.

Keywords:

bio-analogous, Crows, Wild Dogs, Intrusion Detection Systems (IDSs), multi-stage attacks

Downloads

Download data is not yet available.

References

M. A. I. Mallick and R. Nath, "Navigating the Cyber security Landscape: A Comprehensive Review of Cyber-Attacks, Emerging Trends, and Recent Developments," World Scientific News, vol. 190, no. 1, pp. 1–69, Jan. 2024.

N. R. Choudhury, S. Paul, and S. Ghosh, "Comparative Analysis of Traditional vs. AI-Driven Network Security," in AI for Large Scale Communication Networks, R. Kanthavel and R. Dhaya, Eds. Hershey, PA, USA: IGI Global Scientific Publishing, 2025, pp. 107–128, 10.4018/979-8-3693-6552-6.ch006.

N. Fang, C. Xu, X. Gong, and Z. Wu, "A new human-based offensive defensive optimization algorithm for solving optimization problems," Scientific Reports, vol. 15, no. 1, Apr. 2025, Art. no. 12119.

P. K. Myakala, C. Bura, and A. K. Jonnalagadda, "Artificial Immune Systems: A Bio-Inspired Paradigm for Computational Intelligence," Journal of Artificial Intelligence and Big Data, vol. 5, no. 1, pp. 1–13, Jan. 2025.

R. Satheeskumar, V. Premalatha, R. K. Talatoti, S. Vecha, and M. Koteswara Rao, "Next-generation ant-inspired cryptography for secure and resilient decentralized IoT ecosystems," Iran Journal of Computer Science, vol. 8, no. 4, pp. 2221–2236, Dec. 2025.

C. Blum, "Ant colony optimization: A bibliometric review," Physics of Life Reviews, vol. 51, pp. 87–95, Dec. 2024.

M. Irfan, "Nature-Inspired Techniques in Cybersecurity: Evolving Approaches to Domain Detection and Threat Mitigation," Sept. 2024.

S. G. Qureshi and S. K. Shandilya, "Novel Hybridized Crow Optimization for Secure Data Transmission in Cyber Networks," in Advances in Nature-Inspired Cyber Security and Resilience, S. K. Shandilya, N. Wagner, V. B. Gupta, and A. K. Nagar, Eds. Cham, Switzerland: Springer International Publishing, 2022, pp. 137–156.

D. Prabakaran, K. R. Senthil, and R. Shyamala, "14 A Novel African Wild Dog Optimization (AWDO) Algorithm for Applications of Artificial Intelligence," in Math Optimization for Artificial Intelligence: Heuristic and Metaheuristic Methods for Robotics and Machine Learning, U. Kumar Lilhore, V. Dutt, T. A. Kumar, M. Margala, and K. Raahemifar, Eds. Berlin, Germany: De Gruyter, 2025, pp. 303–316.

Ö. Sen et al., "Simulation of multi-stage attack and defense mechanisms in smart grids," International Journal of Critical Infrastructure Protection, vol. 48, Mar. 2025, Art. no. 100727.

A. N. Khan, J. Bryans, G. Sabaliauskaite, and H. Jadidbonab, "Integrated Attack Tree in Residual Risk Management Framework," Information, vol. 14, no. 12, Nov. 2023, Art. no. 639.

E. Iturbe, J. Arcas, E. Rios, and N. Toledo, "A Multi-layer Approach through Threat Modelling and Attack Simulation for Enhanced Cyber Security Assessment," in Proceedings of the 19th International Conference on Availability, Reliability and Security, Vienna, Austria, 2024, pp. 1–8.

M. Alhazmi, A. P. Zhao, X. Cheng, and C. Yang, "Multistage adaptive cyberattack in power systems with CNN identification feedback loops," Scientific Reports, vol. 15, no. 1, July 2025, Art. no. 25051.

A. Zimba, H. Chen, Z. Wang, and M. Chishimba, "Modeling and detection of the multi-stages of Advanced Persistent Threats attacks based on semi-supervised learning and complex networks characteristics," Future Generation Computer Systems, vol. 106, pp. 501–517, May 2020.

M. M. Alani, L. Mauri, and E. Damiani, "A two-stage cyber attack detection and classification system for smart grids," Internet of Things, vol. 24, Dec. 2023, Art. no. 100926.

M. K. Ahn, Y. H. Kim, and J.-R. Lee, "Hierarchical Multi-Stage Cyber Attack Scenario Modeling Based on G&E Model for Cyber Risk Simulation Analysis," Applied Sciences, vol. 10, no. 4, Feb. 2020, Art. no. 1426.

A.-M. Konsta, A. Lluch Lafuente, B. Spiga, and N. Dragoni, "Survey: Automatic generation of attack trees and attack graphs," Computers & Security, vol. 137, Feb. 2024, Art. no. 103602.

A. Rana, S. Gupta, and B. Gupta, "A comprehensive framework for quantitative risk assessment of organizational networks using FAIR-modified attack trees," Frontiers in Computer Science, vol. 6, Feb. 2024, Art. no. 1304288.

V. Kuikka, L. Pykälä, T. Takko, and K. K. Kaski, "Network modelling in analysing cyber-related graphs," Frontiers in Complex Systems, vol. 3, Sept. 2025, Art. no. 1620260.

L. Serena, G. D’Angelo, S. Ferretti, and M. Marzolla, "Simulation in Cybersecurity: Understanding Techniques, Applications, and Goals." arXiv, Aug. 08, 2025.

G. Erceylan, A. Akbarzadeh, and V. Gkioulos, "Leveraging digital twins for advanced threat modeling in cyber-physical systems cybersecurity," International Journal of Information Security, vol. 24, no. 3, June 2025, Art. no. 151.

A. Garba et al., "Utilizing Ant Colony Optimization for Result Merging in Federated Search," Engineering, Technology & Applied Science Research, vol. 14, no. 4, pp. 14832–14839, Aug. 2024.

S. Khalid and S. Wu, "Supporting Scholarly Search by Query Expansion and Citation Analysis," Engineering, Technology & Applied Science Research, vol. 10, no. 4, pp. 6102–6108, Aug. 2020.

S. Khalid, S. Khusro, I. Ullah, and G. Dawson-Amoah, "On The Current State of Scholarly Retrieval Systems," Engineering, Technology & Applied Science Research, vol. 9, no. 1, pp. 3863–3870, Feb. 2019.