Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
On computer viral infection and the effect of immunization
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
IEEE Security and Privacy
On instant messaging worms, analysis and countermeasures
Proceedings of the 2005 ACM workshop on Rapid malcode
Hi-index | 0.00 |
One frequently employed way of propagation exploited by worms is through the victim's contact book. The contact book, which reflects the acquaintance profiles of people, is used as a “hit-list”, to which the worm can send itself in order to spread fast. In this paper we propose a discrete worm propagation model that relies upon a combined email and Instant Messaging (IM) communication behaviour of users. We also model user reaction against infected email as well as the rate at which antivirus software is installed. User acquaintance is perceived as a “network” connecting users based on their contact book links. We then propose a worm propagation formulation based on a token propagation algorithm, further analyzed with a use of a system of continuous differential equations, as dictated by Wormald's theorem on approximating “well-behaving” random processes with deterministic functions.