Abstract
File-sharing worms have been terrorizing Peer-to-peer (P2P) systems in recent years. Existing defenses relying on users’ individual recoveries or limiting users’ file-sharing activities are ineffective. Automated patching tools such as Microsoft Windows Update and Symantec Security Update are currently the most popular vehicles for eliminating and containing Internet worms, but they are not necessarily the best fits for combating P2P file-sharing worms, which propagate within a relatively smaller community. In this paper, we propose a complementary P2P-tailored patching system which utilizes the existing file-sharing mechanisms to internally disseminate security patches to those participating peers in a timely and distributed fashion. Specifically, we examine the effectiveness of leveraging the file downloading or searching process to notify vulnerable end hosts of the surging worms and push corresponding security updates to these hosts. We show through in-depth analysis and extensive experiments that both methods are scalable and effective in combating existing P2P worms.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
The gnutella protocol specification, http://www.the-gdf.org
http://en.wikipedia.org/wiki/comparison_of_file_sharing_applications
P2PSim: a simulator for peer-to-peer protocols, http://pdos.csail.mit.edu/p2psim
Using binary delta compression technology to update windows operating systems. Microsoft online White Paper
Biddle, P., England, P., Peinado, M., Willman, B.: The darknet and the future of content distribution. In: ACM Workshop on Digital Rights Management (2002)
Brumley, D., Newsome, J., Song, D., Wang, H., Jha, S.: Towards automatic generation of vulnerability-based signatures. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy (2006)
Costa, M., Crowcroft, J., Castro, M., Rowstron, A.: Can we contain internet worms? In: Proc. of the 3rd Worshop on Hot Topics in Networks (HotNets-III) (November 2004)
Dumitriu, D., Knightly, E., Kuzmanovic, A., Stoica, I., Zwaenepoel, W.: Denial-of-service resilience in peer-to-peer file sharing systems. In: Sigmetrics 2005 (2005)
Gkantsidis, C., Karagiannis, T., Rodriguez, P., Vojnovic, M.: Planet scale software updates. In: Proc. of SIGCOMM 2006 (2006)
Good, N., Krekelberg, A.: Usability and privacy: a study of kazaa p2p file-sharing (2002), http://www.hpl.hp.com/shl/papers/kazaa/index.html
Hughes, D., Coulson, G., Walkerdine, J.: Free riding on gnutella revisited: the bell tolls. In: Proc. of IEEE Distributed Systems Online (2005)
Joseph, S.: NeuroGrid: Semantically routing queries in peer–to–peer networks. In: International Workshop on Peer-to-Peer Computing (2002)
Kc, G., Keromytis, A., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: ACM CCS 2003 (October 2003)
Kumar, R., Yao, D., Bagchi, A., Ross, K., Rubenstein, D.: Fluid modeling of pollution proliferation in p2p networks. In: Sigmetrics 2006(2006)
Leibowitz, N., Ripeanu, M., Wierzbicki, A.: Deconstructing the kazaa network. In: Proc. of IEEE IWAPP 2003 (2003)
Mulz, D., Valeur, F., Kruegel, C., Vigna, G.: Anomalous system call detection. In: ACM TISSEC 2006 (2006)
Newstone, J., Song, D.: Dynamic taint analysis: Automatic detection and generation of software exploit attacks. In: Proc. of the 12th Annual Network and Distributed System Security Symposium (NDSS 2005) (2005)
Shin, S., Jung, J., Balakrishnan, H.: Malware prevalence in the kazaa file-sharing network. In: ACM Internet Measurement Conference 2006 (2006)
Stoica, I., Morris, R., Liben-Nowell, D., Karger, D., Kaashoek, M., Dabek, F., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup protocol for internet applications. In: IEEE Trans. on Networking (2002)
Thommes, R., Coates, M.: Epidemiological modeling of peer-to-peer viruses and pollution. In: Infocom 2006 (2006)
Vojnovic, M., Ganesh, A.: On the race of worms, alerts and patches. In: ACM Workshop on WORM (2005)
Zetter, K.: Kazza delivers more than tunes. The Wired Magazine (2004)
Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., Chien, S.: A first look at p2p worms: threats and denfenses. In: Castro, M., van Renesse, R. (eds.) IPTPS 2005. LNCS, vol. 3640, Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Xie, L., Song, H., Zhu, S. (2008). On the Effectiveness of Internal Patching Against File-Sharing Worms. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds) Applied Cryptography and Network Security. ACNS 2008. Lecture Notes in Computer Science, vol 5037. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68914-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-540-68914-0_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68913-3
Online ISBN: 978-3-540-68914-0
eBook Packages: Computer ScienceComputer Science (R0)