Abstract
Recently, active worms have done significant damage due to their rapid propagation over the Internet. We studied propagation mechanisms of active worms employing single target discovery technique and various combinations of two or three different target discovery techniques from attackers’ perspective. We performed a series of simulation experiments to investigate their propagation characteristics under various scenarios. We found uniform scanning to be an indispensable elementary target discovery technique of active worms. Our major contributions in this paper are first, we proposed the discrete time deterministic Compensation Factor Adjusted Propagation (CFAP) model of active worms; and second, we suggested the combination of target discovery techniques that can best accelerate propagation of active worms discovered from results of the comprehensive simulations. The significance of this paper lies in it being very beneficial to understanding of propagation mechanisms of active worms, and thus building effective and efficient defense systems against their propagation.
Chapter PDF
Similar content being viewed by others
References
Kienzle, D.M., Elder, M.C.: Recent Worms: A Survey and Trends. In: WORM 2003, Washington D.C., USA, pp. 1–10 (2003)
Weaver, N., Paxson, V., Staniford, S., Cunningham, R.: A Taxonomy of Computer Worms. In: WORM 2003, Washington D.C., USA, pp. 11–18 (2003)
Moore, D., Shannon, C., Brown, J.: Code-Red: A Case Study on the Spread and Victims of an Internet Worm. In: IMW 2002, Marseille, France, pp. 273–284 (2002)
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer Worm. IEEE Security & Privacy 1, 33–39 (2003)
Shannon, C., Moore, D.: The Spread of the Witty Worm. IEEE Security & Privacy 2, 46–50 (2004)
Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: Security 2002, San Francisco, CA, USA, pp. 149–167 (2002)
Spafford, E.H.: The Internet Worm Program: An Analysis. ACM SIGCOMM Computer Communication Review 19, 17–57 (1989)
Berghel, H.: The Code Red Worm: Malicious Software Knows No Bounds. Communications of the ACM 44, 15–19 (2001)
Ma, J., Voelker, G.M., Savage, S.: Self-Stopping Worms. In: WORM 2005, Fairfax, VA, USA, pp. 12–21 (2005)
Xiang, Y., Zhou, W., Chowdhury, M.: A Survey of Active and Passive Defence Mechanisms against DDoS Attacks (Technical Report), TR C04/02, School of In-formation Technology, Deakin University, Australia (2004)
Xiang, Y., Fan, X., Zhu, W.: Propagation of Active Worms: A Survey. International Journal of Computer Systems Science and Engineering (accepted, 2008)
Ellis, D.: Worm Anatomy and Model. In: WORM 2003, Washington D.C., USA, pp. 42–50 (2003)
Anderson, R.M., May, R.M.: Infectious Diseases of Humans: Dynamics and Control. Oxford University Press, Oxford (1991)
Andersson, H., Britton, T.: Stochastic Epidemic Models and Their Statistical Analysis. Springer, New York (2000)
Bailey, N.T.: The Mathematical Theory of Infectious Diseases and Its Applications. Hafner Press, New York (1975)
Frauenthal, J.C.: Mathematical Modeling in Epidemiology. Springer, New York (1980)
Daley, D.J., Gani, J.: Epidemic Modelling: An Introduction. Cambridge University Press, Cambridge (1999)
Zou, C.C., Gong, W., Towsley, D.: Code Red Worm Propagation Modeling and Analysis. In: CCS 2002, Washington D.C., USA, pp. 138–147 (2002)
Chen, Z., Gao, L., Kwiat, K.: Modeling the Spread of Active Worms. In: IEEE INFOCOM, pp. 1890–1900 (2003)
Wang, Y., Wang, C.: Modeling the Effects of Timing Parameters on Virus Propagation. In: WORM 2003, Washington D.C., USA, pp. 61–66 (2003)
Rohloff, K., Basar, T.: Stochastic Behavior of Random Constant Scanning Worms. In: 14th ICCCN, San Diego, CA, USA, pp. 339–344 (2005)
Sellke, S., Shroff, N.B., Bagchi, S.: Modeling and Automated Containment of Worms. In: DSN 2005, pp. 528–537 (2005)
Zou, C.C., Towsley, D., Gong, W.: On the Performance of Internet Worm Scanning Strategies. University of Massachusetts (2003)
Wagner, A., Dubendorfer, T.: Experiences with Worm Propagation Simulations. In: WORM 2003, Washington D.C., USA, pp. 34–41 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Fan, X., Xiang, Y. (2008). Accelerating the Propagation of Active Worms by Employing Multiple Target Discovery Techniques. In: Cao, J., Li, M., Wu, MY., Chen, J. (eds) Network and Parallel Computing. NPC 2008. Lecture Notes in Computer Science, vol 5245. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88140-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-88140-7_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88139-1
Online ISBN: 978-3-540-88140-7
eBook Packages: Computer ScienceComputer Science (R0)