Internet instability and disturbance: goal or menace?
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
On the performance of internet worm scanning strategies
Performance Evaluation
Peer to peer networks for defense against internet worms
Interperf '06 Proceedings from the 2006 workshop on Interdisciplinary systems approach in performance evaluation and design of computer & communications sytems
Peer-to-peer system-based active worm attacks: Modeling, analysis and defense
Computer Communications
A distributed framework for passive worm detection and throttling in P2P networks
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
| Hi-index | 0.00 |
Recent large-scale and rapidly evolving worm epidemics have led to interest in automated defensive measures against self-propagating network worms.We present models of network worm propagation and defenses that permit us to compare the effectiveness of "passive" measures, attempting to block or slow down a worm, with "active" measures, that attempt to proactively patch hosts or remove infections.We extend relatively simple deterministic epidemic models to include connectivity of the underlying infrastructure, thus permitting us to model quarantining defenses deployed either in customer networks or towards the core of the Internet.We compare defensive strategies in terms of their effectiveness in preventing worm infections and find that with sufficient deployment, content based quarantining defenses are more effective than the counter-worms we consider.For less ideal deployment or blocking based on addresses, a counter-worm can be more effective if released quickly and aggressively enough.However, active measures (such as counter-worms) also have other technical issues, including causing additional network traffic and increases risk of failures, that need to be considered.