On the Effectiveness of Internal Patching Against File-Sharing Worms
نویسندگان
چکیده
File-sharing worms have been terrorizing Peer-to-peer (P2P) systems in recent years. Existing defenses relying on users’ individual recoveries or limiting users’ file-sharing activities are ineffective. Automated patching tools such as Microsoft Windows Update and Symantec Security Update are currently the most popular vehicles for eliminating and containing Internet worms, but they are not necessarily the best fits for combating P2P file-sharing worms, which propagate within a relatively smaller community. In this paper, we propose a complementary P2P-tailored patching system which utilizes the existing file-sharing mechanisms to internally disseminate security patches to those participating peers in a timely and distributed fashion. Specifically, we examine the effectiveness of leveraging the file downloading or searching process to notify vulnerable end hosts of the surging worms and push corresponding security updates to these hosts. We show through in-depth analysis and extensive experiments that both methods are scalable and effective in combating existing P2P worms.
منابع مشابه
A Study of Security Patch Dissemination for Combating File-sharing Worms
Worm attacks in file-sharing applications have been terrorizing P2P networks in recent years. Existing solutions to these imminent threats are rather passive by relying on user’s individual recovery or limiting filesharing services. To be more scalable and effective in combating file-sharing worms, automated and systematic countermeasures must be developed. In this work, we study the feasibilit...
متن کاملPhagocytes: A Holistic Defense and Protection Against Active P2P Worms
Active Peer-to-Peer (P2P) worms present serious threats to the global Internet by exploiting popular P2P applications to perform rapid topological self-propagation. Active P2P worms pose more deadly threats than normal scanning worms because they do not exhibit easily detectable anomalies, thus many existing defenses are no longer effective. We propose an immunity system with Phagocytes — a sma...
متن کاملModeling and Analaysis of Worm Attacks with Predator and Patching Interplay
Internet is increasingly seeing the emergence of very fast propagating worms capable of infecting significant part of the Internet in short few hours. Predators – a type of good-will self-replicating codes has been proposed as a class of anti-worm defense which can potentially counter formidable speed of these newer worms. In this paper we expand our pervious study of predator's effectiveness b...
متن کاملA Model for Opportunistic Network Exploits: The Case of P2P Worms
We segregate attacks into two categories – targeted and opportunistic – based on whether the attacker compromises a specific target (targeted) or a number of intermediate targets to fulfill his end goal (opportunistic). We assume that opportunistic attackers consider targets indistinguishable except for their vulnerabilities, and are interested in acquiring as many targets as possible. We there...
متن کاملPulse quarantine strategy of internet worm propagation: Modeling and analysis
Article history: Available online 6 September 2011 0045-7906/$ see front matter 2011 Elsevier Ltd doi:10.1016/j.compeleceng.2011.07.009 q Reviews processed and approved for publication ⇑ Corresponding author at: College of Information E-mail addresses: [email protected], haveb Worms can spread throughout the Internet very quickly and are a great security threat. Constant quarantine strategy...
متن کامل