Investigating the impact of real-world factors on internet worm propagation

Authors:
Daniel A. Ray;Charles B. Ward;Bogdan Munteanu;Jonathan Blackwell;Xiaoyan Hong;Jun Li
Affiliations:
Department of Computer Science, University of Alabama, Tuscaloosa, AL;Department of Computer Science, University of Alabama, Tuscaloosa, AL;Department of Computer Science, University of Alabama, Tuscaloosa, AL;Department of Computer Science, University of Alabama, Tuscaloosa, AL;Department of Computer Science, University of Alabama, Tuscaloosa, AL;Department of Computer and Information Science, University of Oregon, Eugene, OR
Venue:
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Year:
2007

Citing 15
Cited 0

Crisis and aftermath

Communications of the ACM
Code-Red: a case study on the spread and victims of an internet worm

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium
Internet intrusions: global characteristics and prevalence

SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
A Generic Framework for Parallelization of Network Simulations

MASCOTS '99 Proceedings of the 7th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
Inside the Slammer Worm

IEEE Security and Privacy
Monitoring and early warning for internet worms

Proceedings of the 10th ACM conference on Computer and communications security
The top speed of flash worms

Proceedings of the 2004 ACM workshop on Rapid malcode
Simulation of large scale networks II: large-scale network simulations with GTNetS

Proceedings of the 35th conference on Winter simulation: driving innovation
Simulating Internet Worms

MASCOTS '04 Proceedings of the The IEEE Computer Society's 12th Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems
Distributed Worm Simulation with a Realistic Internet Model

Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Comparative Study between Analytical Models and Packet-Level Worm Simulations

Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
A self-learning worm using importance scanning

Proceedings of the 2005 ACM workshop on Rapid malcode
Very fast containment of scanning worms

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
On the effectiveness of distributed worm monitoring

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper reports the results of our experimentation with modeling worm behavior on a large scale, fully adaptable network simulator. Our experiments focused on areas of worm scanning methods, IP address structure, and wireless links that, to the best of our knowledge, have been mostly neglected or abstracted away in prior worm simulations. Namely, our intent was to first study by direct observation of our simulations the effects of various IP scanning techniques on the effectiveness of worm spread. Second, our intent was to research the effects that having a larger IP address space (specifically a sparsely populated IP address space like that provided by Internet Protocol Version 6) would have on the effectiveness of several worms. Third, we study how the wireless media may affect the propagation of worms. In order to perform these simulations we have made use of the Georgia Institute of Technology's network simulator, GTNetS, extending the worm classes packaged with the simulator.