Modeling the Spread of Active Worms
نویسندگان
چکیده
Active worms spread in an automated fashion and can flood the Internet in a very short time. Modeling the spread of active worms can help us understand how active worms spread, and how we can monitor and defend against the propagation of worms effectively. In this paper, we present a mathematical model, referred to as the Analytical Active Worm Propagation (AAWP) model, which characterizes the propagation of worms that employ random scanning. We compare our model with the Epidemiological model and Weaver’s simulator. Our results show that our model can characterize the spread of worms effectively. Taking the Code Red v2 worm as an example, we give a quantitative analysis for monitoring, detecting and defending against worms. Furthermore, we extend our AAWP model to understand the spread of worms that employ local subnet scanning. To the best of our knowledge, there is no model for the spread of a worm that employs the localized scanning strategy and we believe that this is the first attempt on understanding local subnet scanning quantitatively.
منابع مشابه
Propagation of Active Worms in P2P Networks: Modeling and Analysis
Active worms, a category of self-replicating malicious programs which could spread in an automated fashion and flood particular Peer-to-Peer (P2P) networks within very short time, have drawn significant attention. However, only limited number of studies focus on propagation model of active worms with fair consideration of P2P nodes’ dynamic features consisting of P2P churn, random quarantine, r...
متن کاملTopology Aware Worm Propagation in BitTorrent : Modeling and Analysis
Peer-to-peer (p2p) networking technology has gained popularity as an efficient mechanism for users to obtain free services without the need for centralized servers. Protecting these networks from intruders and attackers is a real challenge. One of the constant threats on P2P networks is the propagation of active worms. Recent events show that active worms can spread automatically and flood the ...
متن کاملPeer-to-peer system-based active worm attacks: Modeling, analysis and defense
0140-3664/$ see front matter 2008 Elsevier B.V. A doi:10.1016/j.comcom.2008.08.008 * Corresponding author. Tel.: +1 214 208 5951. E-mail addresses: [email protected] (W. Yu), ch pan), [email protected] (X. Wang), xuan@cs Active worms continue to pose major threats to the security of today’s Internet. This is due to the ability of active worms to automatically propagate themselves and co...
متن کاملPotential Strategies for High Speed Active Worms: A Worst Case Analysis
Active worms, malicious programs which spread in a completely autonomous manner, have the potential to rapidly spread across the internet. Two important questions which must be answered when constructing defenses is how fast a worm can spread and how long a given worm can remain a significant threat on the Internet, as these answers dictate requirements for defenses. There are multiple obvious ...
متن کاملModeling the Spread of Biologically-Inspired Internet Worms
Infections by malicious software, such as Internet worms, spreading on computer networks can have devastating consequences, resulting in loss of information, time, and money. To better understand how these worms spread, and thus how to more effectively limit future infections, we apply the household model from epidemiology to simulate the proliferation of adaptive and non-adaptive preference-sc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003