Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis and detection of computer viruses and worms: an annotated bibliography
ACM SIGPLAN Notices
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
A Network Worm Vaccine Architecture
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Requirements on Worm Mitigation Technologies in MANETS
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Microscopic Simulation of a Group Defense Strategy
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Ensuring stable performance for systems that degrade
Proceedings of the 5th international workshop on Software and performance
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Entropy Based Worm and Anomaly Detection in Fast IP Networks
WETICE '05 Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise
Performance Assurance via Software Rejuvenation: Monitoring, Statistics and Algorithms
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Autograph: toward automated, distributed worm signature detection
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Monitoring for security intrusion using performance signatures
Proceedings of the first joint WOSP/SIPEW international conference on Performance engineering
Methods and opportunities for rejuvenation in aging distributed software systems
Journal of Systems and Software
| Hi-index | 0.00 |
In this paper, we propose a new approach for mitigation of worm propagation through tactical Mobile Ad-Hoc Networks (MANETs) which is based upon performance signatures and software rejuvenation. Three application performance signature and software rejuvenation algorithms are proposed and analyzed. These algorithms monitor critical applications' responsiveness and trigger actions for software rejuvenation when host resources degrade due to a co-resident worm competing for host resources. We analyze the effectiveness of our algorithms through analytic modeling and detailed, extensive simulation studies. The key performance metrics investigated are application response time, mean time between rejuvenations and the steady state probability of host infection. We also use simulation models to investigate several design and parameter tuning issues. We investigate the relationship between the rate at which the application performance monitors can detect out-of-specification applications and the rate of worm propagation in the network.