A Novel Contagion-Like Patch Dissemination Mechanism against Peer-to-Peer File-Sharing Worms
Peer-to-peer (P2P) file-sharing worms are becoming a deadly security threat to P2P systems. The defense that just relies on the improvement of users’ security awareness and their individual recoveries is not adequate. Existing automated patching systems such as Microsoft Windows Update and Symantec Security Update are also not necessarily the best fits in combat with P2P file-sharing worms, because of the inconsistency between the jurisdiction of these patching systems and the propagation community of P2P file-sharing worms. In this paper, with a deep understanding of the propagation characteristic of P2P file-sharing worms and the inspiration of more rapid contagion worms, we propose a complementary contagion-like patch dissemination mechanism which utilizes the existing file-sharing infrastructure to timely disseminate security patches between the participating peers of the file downloading. In addition, the digital signature scheme is introduced to prevent malicious peers tampering with patches in the dissemination process. Through the epidemiological model and extensive packet-level simulations we demonstrate the effectiveness of the proposed patch dissemination mechanism.
KeywordsPeer-to-peer file-sharing worm Contagion Workload
Unable to display preview. Download preview PDF.
- 1.Sandvine Incorporated ULC. 2008 Analysis of Traffic Demographics in North-American Broadband Networks (June 2008), http://www.sandvine.com/general/documents/Traffic_Demographics_NA_Broadband_Networks.pdf
- 3.Shin, S., Jung, J., Balakrishnan, H.: Malware Prevalence in the KaZaA File-Sharing Network. In: 6th ACM SIGCOMM Internet Measurement Conference, pp. 333–338. ACM Press, New York (2006)Google Scholar
- 5.Brumley, D., Liu, L., Poosankam, P., Song, D.: Design Space and Analysis of Worm Defense Strategies. In: ACM Symposium on Information, Computer and Communication Security, pp. 125–137. ACM Press, New York (2006)Google Scholar
- 6.Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: 11th USENIX Security Symposium, pp. 149–167. USENIX Association, Berkeley (2002)Google Scholar