A scalable content-addressable network
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Chord: a scalable peer-to-peer lookup protocol for internet applications
IEEE/ACM Transactions on Networking (TON)
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
IEEE Security and Privacy
Dynamic Quarantine of Internet Worms
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Countering Network Worms Through Automatic Patch Generation
IEEE Security and Privacy
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
INFOCOM'96 Proceedings of the Fifteenth annual joint conference of the IEEE computer and communications societies conference on The conference on computer communications - Volume 2
Coupled kermack-mckendrick models for randomly scanning and bandwidth-saturating internet worms
QoS-IP'05 Proceedings of the Third international conference on Quality of Service in Multiservice IP Networks
Deriving a closed-form expression for worm-scanning strategies
International Journal of Security and Networks
An information-theoretic view of network-aware malware attacks
IEEE Transactions on Information Forensics and Security
A survey on bio-inspired networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Characterizing internet worm infection structure
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
An adversarial evaluation of network signaling and control mechanisms
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Hi-index | 0.00 |
We provide an analytical framework for evaluating the performance of automatic patching systems. We use it to quantify the speed of patch or alert dissemination required for worm containment. Motivated by scalability and trust issues, we consider a hierarchical system where network hosts are organized into subnets, each containing a patch server (termed superhost). Patches are disseminated to superhosts through an overlay connecting them and, after verification, to end hosts within subnets. The analytical framework accommodates a variety of overlays through the novel abstraction of a minimum broadcast curve. It also accommodates filtering of scans across subnets. The framework provides quantitative estimates that can guide system designers in dimensioning automatic patching systems. The results are obtained mathematically and verified by simulation.