1 Encounter - based worms : Analysis and Defense
نویسندگان
چکیده
An encounter-based network is a frequently-disconnected wireless ad-hoc network requiring immediate neighbors to store and forward aggregated data for information disseminations. Using traditional approaches such as gateways or firewalls to deter worm propagation in encounter-based networks is inappropriate. We propose a worm interaction approach that relies upon automated beneficial worm generation to alleviate problems of worm propagations in such networks. To understand the dynamics of worm interactions and their performance, we mathematically model worm interactions based on major worm interaction factors, including worm interaction types, network characteristics, and node characteristics using ordinary differential equations and analyze their effects on our proposed metrics. We validate our proposed model using extensive synthetic and trace-driven simulations. We find that all worm interaction factors significantly affect the pattern of worm propagations. For example, immunization linearly decreases the infection of susceptible nodes, while on-off behavior only impacts the duration of infection. Using realistic mobile network measurements, we find that encounters are “bursty”, multi-group, and non-uniform. The trends from the trace-driven simulations are consistent with the model, in general. Immunization and timely deployment seem to be most effective in countering worm attacks in such scenarios, while cooperation may help in a specific case. These findings provide insight that we hope would aid in the development of counter-worm protocols in future encounter-based networks.
منابع مشابه
Peer-to-peer system-based active worm attacks: Modeling, analysis and defense
0140-3664/$ see front matter 2008 Elsevier B.V. A doi:10.1016/j.comcom.2008.08.008 * Corresponding author. Tel.: +1 214 208 5951. E-mail addresses: [email protected] (W. Yu), ch pan), [email protected] (X. Wang), xuan@cs Active worms continue to pose major threats to the security of today’s Internet. This is due to the ability of active worms to automatically propagate themselves and co...
متن کاملDesign Space and Analysis of Worm Defense Strategies
We give the first systematic investigation of the design space of worm defense system strategies. We accomplish this by providing a taxonomy of defense strategies by abstracting away implementationdependent and approach-specific details and concentrating on the fundamental properties of each defense category. Our taxonomy and analysis reveals the key parameters for each strategy that determine ...
متن کاملTaxonomy and Effectiveness of Worm Defense Strategies
While it is important to develop effective worm defense techniques, most previous work has focused on a single point in the design space. The sheer complexity and size of the design space of worm defense requires a more systematic study of the design space. We give the first systematic investigation of the design space of worm defense system strategies. We accomplish this by providing a taxonom...
متن کاملA Defense Model of Reactive Worms Based on Dynamic Time
The popularity of reactive worms, whose attacking behavior inherits characteristics from both active worms and passive worms, has brought great threat to P2P networks in recent years. Most existing defense models only focus on the effects of P2P churn on reactive worm's propagation, but neglect the impact of user behaviors on the spread of worms. This paper proposes a defense model of reactive ...
متن کاملVACCINE: War of the Worms in Wired and Wireless Networks
The highlight of worm outbreaks in 2004 was a new phenomenon called ‘War of the Worms’ between NetSky, Bagle and MyDoom worm variants. Their aftermaths caused the record-high of 12 outbreaks in first quarter alone. This war created complex interactions among worms referring to one worm terminating another worm. In this paper, we try to answer the following questions: How much does this scenario...
متن کامل