Active worms continue to pose major threats to the security of today's Internet. This is due to the ability of active worms to automatically propagate themselves and compromise hosts in the Internet. Due to the recent surge of peer-to-peer (P2P) systems with large numbers of users and rich connectivity, P2P systems can be a potential vehicle for the attacker to achieve rapid worm propagation in the Internet. In this paper, we tackle this issue by modeling and analyzing active worm propagation on top of P2P systems, and designing effective defense strategies within P2P systems to suppress worm propagation. In particular: (1) we define two P2P-based active worm attack models: an offline P2P-based hit-list attack model and an online P2P-based attack model; (2) we conduct a detailed analysis of the impacts of worm propagation on top of P2P-based systems, and study the sensitivity of worm propagation to various P2P system and attack-related parameters; (3) finally, we propose defense strategies within the P2P system to combat worms. Based on extensive numerical analysis and simulation data, we demonstrate that P2P-based active worm attacks can significantly enhance worm propagation, and that important P2P-related parameters (system size, topology degree, host vulnerability, etc.) have significant impacts on worm spread. We also find that our proposed defense strategies can effectively combat worms by rapidly detecting and immunizing infected hosts.