The internet worm program: an analysis
ACM SIGCOMM Computer Communication Review
Communications of the ACM
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
An Analysis of the Slapper Worm
IEEE Security and Privacy
IEEE Security and Privacy
Monitoring and early warning for internet worms
Proceedings of the 10th ACM conference on Computer and communications security
Recent worms: a survey and trends
Proceedings of the 2003 ACM workshop on Rapid malcode
Proceedings of the 2003 ACM workshop on Rapid malcode
Access for sale: a new class of worm
Proceedings of the 2003 ACM workshop on Rapid malcode
Experiences with worm propagation simulations
Proceedings of the 2003 ACM workshop on Rapid malcode
Proceedings of the 2003 ACM workshop on Rapid malcode
Modeling the effects of timing parameters on virus propagation
Proceedings of the 2003 ACM workshop on Rapid malcode
Dynamic Quarantine of Internet Worms
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
IEEE Security and Privacy
Proceedings of the 2004 ACM workshop on Rapid malcode
Proceedings of the 2004 ACM workshop on Rapid malcode
Preliminary results using scale-down to explore worm dynamics
Proceedings of the 2004 ACM workshop on Rapid malcode
Routing Worm: A Fast, Selective Attack Worm Based on IP Address Information
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Modeling and Automated Containment of Worms
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
The monitoring and early detection of internet worms
IEEE/ACM Transactions on Networking (TON)
On instant messaging worms, analysis and countermeasures
Proceedings of the 2005 ACM workshop on Rapid malcode
Proceedings of the 2005 ACM workshop on Rapid malcode
A self-learning worm using importance scanning
Proceedings of the 2005 ACM workshop on Rapid malcode
Defending against hitlist worms using network address space randomization
Proceedings of the 2005 ACM workshop on Rapid malcode
On the impact of dynamic addressing on malware propagation
Proceedings of the 4th ACM workshop on Recurring malcode
DAW: A Distributed Antiworm System
IEEE Transactions on Parallel and Distributed Systems
Shortening the Slow Start Phase in the Propagation of Active Worms
CSA '08 Proceedings of the International Symposium on Computer Science and its Applications
Defending against the Propagation of Active Worms
EUC '08 Proceedings of the 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing - Volume 02
Analyze the worm-based attack in large scale P2P networks
HASE'04 Proceedings of the Eighth IEEE international conference on High assurance systems engineering
Hi-index | 0.01 |
Active worms propagate across networks by employing the various target discovery techniques. The significance of target discovery techniques in shaping a worm's propagation characteristics is derived from the life cycle of a worm. The various target discovery techniques that could be employed by active worms are discussed. It is anticipated that future active worms would employ multiple target discovery techniques simultaneously to greatly accelerate their propagation. To accelerate a worm's propagation, the slow start phase in the worm's propagation must be shortened by letting the worm infect the first certain percentage of susceptible hosts as soon as possible. Strategies that future active worms might employ to shorten the slow start phase in their propagation are studied. Their respective cost-effectiveness is assessed. A novel active defense mechanism is proposed, which could be an emerging solution to the active worm problem. Our major contributions in this article are first, we found the combination of target discovery techniques that can best accelerate the propagation of active worms; second, we proposed several strategies to shorten a worm's slow start phase in its propagation and found the cost-effective hit-list size and average size of internally generated target lists; third, we proposed a novel active defense mechanism and evaluated its effectiveness; and fourth, we proposed three novel discrete time deterministic propagation models of active worms.