Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Measuring and Modeling Computer Virus Prevalence
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
IEEE Security and Privacy
A first-principles approach to understanding the internet's router-level topology
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Understanding internet topology: principles, models, and validation
IEEE/ACM Transactions on Networking (TON)
The impact of stochastic variance on worm propagation and detection
Proceedings of the 4th ACM workshop on Recurring malcode
Hi-index | 0.00 |
Recent advancements in Internet worms propagation techniques has generated interest in the development of appropriate defense techniques against such worms. Modeling the behaviour of worm defense techniques to better understand and measure their defense capabilities is crucial to developing effective defenses. This paper presents a discrete-time model of our earlier proposed host-based worm detection and collaborative network containment defense technique, which we referred to as the Analytical Active Worm Containment (AAWC) model. The AAWC model captures the protection capability of the proposed technique by modeling the host population protected from fast spreading, scanning intrusion attack such as worms in a large scale network. Analysing the model alongside an existing discrete-time worm propagation model, we demonstrate quantitatively the effectiveness of our proposed detection and containment technique in defending against fast spreading scanning worms. Based on the host-based worm detection technique, we also develop a continuous-time probability model for worm detection interval which uniquely captures the relationship between worm scanning rate and the detection interval of the worm. Further, we investigate the introduction of immunization to our containment technique and show the resultant effect on a vulnerable population under attack using the developed model