Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
A scalable content-addressable network
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Mapping the Gnutella Network: Macroscopic Properties of Large-Scale Peer-to-Peer Systems
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Modeling the effects of timing parameters on virus propagation
Proceedings of the 2003 ACM workshop on Rapid malcode
WORM vs. WORM: preliminary study of an active counter-attack mechanism
Proceedings of the 2004 ACM workshop on Rapid malcode
Countering Network Worms Through Automatic Patch Generation
IEEE Security and Privacy
Simulating non-scanning worms on peer-to-peer networks
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
On the performance of internet worm scanning strategies
Performance Evaluation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Automatic Patch Generation for Buffer Overflow Attacks
IAS '07 Proceedings of the Third International Symposium on Information Assurance and Security
A Feasibility Study on Defending Against Ultra-Fast TopologicalWorms
P2P '07 Proceedings of the Seventh IEEE International Conference on Peer-to-Peer Computing
Peer-to-peer system-based active worm attacks: Modeling, analysis and defense
Computer Communications
Propagation Model of Active Worms in P2P Networks
ICYCS '08 Proceedings of the 2008 The 9th International Conference for Young Computer Scientists
di-jest: Autonomic neighbour management for worm resilience in p2p systems
WOWMOM '08 Proceedings of the 2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks
Propagation Model of Non-scanning Active Worm in Unstructured P2P Network
MINES '09 Proceedings of the 2009 International Conference on Multimedia Information Networking and Security - Volume 02
Accurate buffer overflow detection via abstract payload execution
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Propagation Modeling of Peer-to-Peer Worms
AINA '10 Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications
A first look at peer-to-peer worms: threats and defenses
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Tapestry: a resilient global-scale overlay for service deployment
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
P2P worms pose a serious threat to Internet infrastructure and terminal users because of their overwhelming propagation speed. Manual reactions fall behind the fast propagation of P2P worms. Current automatic techniques are still not adequate to be deployed on a large scale for several challenges including low accuracy, low efficiency, etc. In this paper, we bring forward a repair-and-patch approach to quarantine malicious worms quickly in unstructured P2P networks. Our work has two major contributions. Firstly, we propose two kinds of benign worms, which differ in functions and spread strategies, to cooperatively battle against malicious worms. Secondly, we derive discrete difference equations to depict the interplay between malicious and benign worms. Four factors - manual countermeasures, P2P topology, configuration diversity and attack and defense strategies - are modeled in the equations. Preliminary experiments are promising. Compared with sheer manual reactions, our approach is about two times faster and protects about 35% more hosts. In comparison with benign worms, which search targets by random scanning, our proposed method guards about 34.4% more hosts with lower consumption of bandwidth resources.