Investigating the Impact of Real-World Factors on Internet Worm Propagation
نویسندگان
چکیده
This paper reports the results of our experimentation with modeling worm behavior on a large scale, fully adaptable network simulator. Our experiments focused on areas of worm scanning methods, IP address structure, and wireless links that, to the best of our knowledge, have been mostly neglected or abstracted away in prior worm simulations. Namely, our intent was to first study by direct observation of our simulations the effects of various IP scanning techniques on the effectiveness of worm spread. Second, our intent was to research the effects that having a larger IP address space (specifically a sparsely populated IP address space like that provided by Internet Protocol Version 6) would have on the effectiveness of several worms. Third, we study how the wireless media may affect the propagation of worms. In order to perform these simulations we have made use of the Georgia Institute of Technology’s network simulator, GTNetS, extending the worm classes packaged with the simulator.
منابع مشابه
Modeling, Analysis, and Mitigation of Internet Worm Attacks
In recent years, worms have become one of the major threats to the security of the Internet. In this talk, I will present our research on modeling, analysis, and mitigation of Internet worm attacks, which includes: (1) We present a “two-factor worm model”, which considers the impact of human counteractions and network congestion on a worm's propagation. (2) To detect the presence of an Internet...
متن کاملStochastic Model for Capturing the Probabilistic Nature of Malware Propagation on an Arbitrary Topology
Today’s computer world the Active worm’s are the major security issues in the Internet. This is because of the ability of active worms to execute in an automated fashion as they continuously attack the computers on the Internet. Here we find a new class of active worms, called as Camouflaging Worm (C-Worm). The C-Worm is different from regular worms because of its ability to change its scan tra...
متن کاملVirtual Playgrounds for Worm Behavior Investigation
To detect and defend against Internet worms, researchers have long hoped to have a safe convenient environment to unleash and run real-world worms for close observation of their infection, damage, and propagation. However, major challenges exist in realizing such “worm playgrounds”, including the playgrounds’ fidelity, confinement, scalability, as well as convenience in worm experiments. In thi...
متن کاملAnalyzing Impacts of Peer-to-Peer Systems on Propagation of Active Worm Attacks
Recent active worm propagation events show that active worms can spread in an automated fashion and flood the Internet in a very short period of time. Due to the recent surge of Peer-to-Peer (P2P) systems with large numbers of users, P2P systems can be a potential vehicle for the active worm attacker to achieve fast worm propagation in the Internet. In this paper, we address the issue by studyi...
متن کاملModeling and Detection of Camouflaging Worm using IP Traceback
Active worms pose major security threats to the Internet. This is due to the ability of active worms to propagate in an automated fashion as they continuously compromise computers on the Internet. Active worms evolve during their propagation, and thus, pose great challenges to defend against them. A new class of active worms, referred to as Camouflaging Worm (C-Worm in short). The C-Worm is dif...
متن کامل