A worm propagation model based on people's email acquaintance profiles

Authors:
T. Komninos;Y. C. Stamatiou;G. Vavitsas
Affiliations:
Research and Academic Computer Technology Institute, University of Patras, Rio, Patras, Greece;Mathematics Department, Ioannina, Greece;Department of Computer Engineering, University of Patras, Rio, Patras, Greece
Venue:
WINE'06 Proceedings of the Second international conference on Internet and Network Economics
Year:
2006

Citing 4
Cited 0

Code red worm propagation modeling and analysis

Proceedings of the 9th ACM conference on Computer and communications security
On computer viral infection and the effect of immunization

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Inside the Slammer Worm

IEEE Security and Privacy
On instant messaging worms, analysis and countermeasures

Proceedings of the 2005 ACM workshop on Rapid malcode

Quantified Score

Hi-index	0.00

Visualization

Abstract

One frequently employed way of propagation exploited by worms is through the victim's contact book. The contact book, which reflects the acquaintance profiles of people, is used as a “hit-list”, to which the worm can send itself in order to spread fast. In this paper we propose a discrete worm propagation model that relies upon a combined email and Instant Messaging (IM) communication behaviour of users. We also model user reaction against infected email as well as the rate at which antivirus software is installed. User acquaintance is perceived as a “network” connecting users based on their contact book links. We then propose a worm propagation formulation based on a token propagation algorithm, further analyzed with a use of a system of continuous differential equations, as dictated by Wormald's theorem on approximating “well-behaving” random processes with deterministic functions.