Sensitivity Analysis of an Attack Containment Model
A feedback control model has been previously proposed to regulate the number of connections at different levels of a network. This regulation is applied in the presence of a worm attack resulting in a slow down of the spreading worm allowing time to human reaction to properly eliminate the worm in the infected hosts. The feedback model constitutes of two queues, one for safe connections and another for suspected connections. The behavior of the proposed model is based on three input parameters to the model. These parameters are: (i) the portion of new connection requests to be sent to the suspect queue, (ii) the number of requests to be transferred from the suspect to the safe queue, and (iii) the time out value of the requests waiting in the suspect queue. The more we understand the effects of these parameters on the model, the better we can calibrate the model. Based on this necessity, a sensitivity analysis of the model is presented here. The analysis allows for the computation of the effects of changing parameters in the output of the model. In addition, the use of a sensitivity matrix permits the computations of not only changes in one parameter but also combined changes of these parameters. From the sensitivity analysis we have verified our assumption that the changes in the input parameters have no effect on the overall system stability. However, there will be a short period of instability before reaching a stable state.
KeywordsQueue Size Connection Request Sensitivity Matrix Feedback Model Worm Propagation
Unable to display preview. Download preview PDF.
- 1.Staniford, S., Paxson, V., Weaver, N.: How to own internet in your spare time. In: Proceedings of the USENIX Security Symposium, August 2002, pp. 149–167 (2002)Google Scholar
- 2.Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The spread of the sapphire worm, http://cs.berkely.edu/~nweaver/sapphire
- 3.Williamson, M.M.: Throttling viruses: Restricting propagation to defeat malicious mobile code. In: 18th Annual Computer Security Applications Conference, December 2002, pp. 61–68 (2002)Google Scholar
- 4.Sensitivity Analysis. John Wiley & Sons, Chichester (2000)Google Scholar
- 5.Dantu, R., Cangussu, J.W., Yelimeli, A.: Dynamic control of worm propagation. In: Proceedings of ITCC 2004, International Conference on Information Technology, April 5-7, 2004, vol. 1, pp. 419–423 (2004)Google Scholar
- 7.DeCarlo, R.A.: Linear systems: A state variable approach with numerical implementation. Prentice-Hall, Upper Saddle River (1989)Google Scholar