Key factors influencing worm infection in enterprise networks

Authors:
Urupoj Kanlayasiri;Surasak Sanguanpong
Affiliations:
Office of Computer Services, Kasetsart University, Chatuchak, Bangkok, Thailand;Department of Computer Engineering, Kasetsart University, Chatuchak, Bangkok, Thailand
Venue:
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Year:
2005

Citing 12
Cited 0

Neuro-fuzzy and soft computing: a computational approach to learning and machine intelligence

Neuro-fuzzy and soft computing: a computational approach to learning and machine intelligence
Code red worm propagation modeling and analysis

Proceedings of the 9th ACM conference on Computer and communications security
Code-Red: a case study on the spread and victims of an internet worm

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium
On computer viral infection and the effect of immunization

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Measuring and Modeling Computer Virus Prevalence

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Recent worms: a survey and trends

Proceedings of the 2003 ACM workshop on Rapid malcode
A taxonomy of computer worms

Proceedings of the 2003 ACM workshop on Rapid malcode
Experiences with worm propagation simulations

Proceedings of the 2003 ACM workshop on Rapid malcode
Worm anatomy and model

Proceedings of the 2003 ACM workshop on Rapid malcode
Securing nomads: the case for quarantine, examination, and decontamination

Proceedings of the 2003 workshop on New security paradigms
An algorithmic approach for fuzzy inference

IEEE Transactions on Fuzzy Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Worms are a key vector of computer attacks that produce great damage of enterprise networks. Little is known about either the effect of host and network configuration factors influencing worm infection or the approach to predict the number of infected hosts. In this paper we present the results of real worm attacks to determine the factors influencing worm infection, and to propose the prediction model of worm damage. Significant factors are extracted from host and network configuration: openness, homogeneity, and trust. Based on these different factors, fuzzy decision is used to produce the accurate prediction of worm damage. The contribution of this work is to understand the effect of factors and the risk level of infection for preparing the protection, responsiveness, and containment to lessen the damage that may occur. Experimental results show that the selected parameters are strongly correlated with actual infection, and the proposed model produces accurate estimates.