Network topology generators: degree-based vs. structural
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
MASCOTS '04 Proceedings of the The IEEE Computer Society's 12th Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems
Exploiting Independent State For Network Intrusion Detection
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
A drawback of current anti-virus simulations: the need for background traffic
Proceedings of the 44th annual Southeast regional conference
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Hi-index | 0.00 |
Realistic modeling of worm spread is crucial if we wish to predict the real-world efficacy of different worm counter-measures. Ideally, such modeling should be able to handle different types of malcode, multiple defenses, and realistic network topologies and limitations. Due to the complexity of the interactions between entities in the network, accurate analytical solutions are extremely difficult to derive. A more tractable approach to the problem is Monte-Carlo simulation. Most such simulators are custom built to simulate the spread of a particular worm and are not easily extendible to other malcode or topology simulations. While general purpose simulators, like GTNetS or ns2, are capable of simulating arbitrary network topologies and actors, they are too granular for our purposes and therefore too CPU intensive for large network simulation. To overcome these limitations, we designed Hephaestus, a simulator which is capable of simulating arbitrary network and application topologies and custom actors. We validate our simulator by modeling the well known spread of the worm, Code-Red I v2. Finally, we conclude by discussing the potential for future work based upon our simulator.