Understanding IPv6
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
The monitoring and early detection of internet worms
IEEE/ACM Transactions on Networking (TON)
A self-learning worm using importance scanning
Proceedings of the 2005 ACM workshop on Rapid malcode
Modeling and Simulation Study of the Propagation and Defense of Internet E-mail Worms
IEEE Transactions on Dependable and Secure Computing
A new worm exploiting IPv4-IPv6 dual-stack networks
Proceedings of the 2007 ACM workshop on Recurring malcode
Realizing the transition to IPv6
IEEE Communications Magazine
The next generation of the Internet: aspects of the Internet protocol version 6
IEEE Network: The Magazine of Global Internetworking
Modeling the spread of internet worms via persistently unpatched hosts
IEEE Network: The Magazine of Global Internetworking
Optimal response to attacks on the open science grid
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.02 |
It is commonly believed that the IPv6 protocol can provide good protection against network worms that try to find victims through random address scanning due to its huge address space. However, we discover that there is serious vulnerability in terms of worm propagation in IPv6 and IPv4-IPv6 dual-stack networks. It is shown in this article that a new worm can collect the IPv6 addresses of all running hosts in a local subnet very quickly, leading to accelerated worm propagation. Similar to modeling the self-replicating behaviors of biological viruses, a Species-Patch model and a discrete-time simulator are developed to study how the dual-stack worm spreads in networks with various topologies. It is shown that the worm could propagate in the IPv6 and IPv4-IPv6 dual-stack networks much faster than in the current IPv4 Internet. Several effective defense strategies focusing on network deployment are proposed.