Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
An Analysis of the Slapper Worm
IEEE Security and Privacy
Modeling the effects of timing parameters on virus propagation
Proceedings of the 2003 ACM workshop on Rapid malcode
Modeling and Automated Containment of Worms
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Modeling the propagation of Peer-to-Peer worms
Future Generation Computer Systems
Analyze the worm-based attack in large scale P2P networks
HASE'04 Proceedings of the Eighth IEEE international conference on High assurance systems engineering
The SIC botnet lifecycle model: A step beyond traditional epidemiological models
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Active Peer-to-Peer worms are great threat to the network security since they can propagate in automated ways and flood the Internet within a very short duration. Modeling a propagation process can help us to devise effective strategies against a worm's spread. This paper presents a study on modeling a worm's propagation probability in a P2P overlay network and proposes an optimized patch strategy for defenders. Firstly, we present a probability matrix model to construct the propagation of P2P worms. Our model involves three indispensible aspects for propagation: infected state, vulnerability distribution and patch strategy. Based on a fully connected graph, our comprehensive model is highly suited for real world cases like Code Red II. Finally, by inspecting the propagation procedure, we propose four basic tactics for defense of P2P botnets. The rationale is exposed by our simulated experiments and the results show these tactics are of effective and have considerable worth in being applied in real-world networks