A Novel Contagion-Like Patch Dissemination Mechanism against Peer-to-Peer File-Sharing Worms

  • Xiaofeng Nie
  • Jiwu Jing
  • Yuewu Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6151)


Peer-to-peer (P2P) file-sharing worms are becoming a deadly security threat to P2P systems. The defense that just relies on the improvement of users’ security awareness and their individual recoveries is not adequate. Existing automated patching systems such as Microsoft Windows Update and Symantec Security Update are also not necessarily the best fits in combat with P2P file-sharing worms, because of the inconsistency between the jurisdiction of these patching systems and the propagation community of P2P file-sharing worms. In this paper, with a deep understanding of the propagation characteristic of P2P file-sharing worms and the inspiration of more rapid contagion worms, we propose a complementary contagion-like patch dissemination mechanism which utilizes the existing file-sharing infrastructure to timely disseminate security patches between the participating peers of the file downloading. In addition, the digital signature scheme is introduced to prevent malicious peers tampering with patches in the dissemination process. Through the epidemiological model and extensive packet-level simulations we demonstrate the effectiveness of the proposed patch dissemination mechanism.


Peer-to-peer file-sharing worm Contagion Workload 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Sandvine Incorporated ULC. 2008 Analysis of Traffic Demographics in North-American Broadband Networks (June 2008),
  2. 2.
  3. 3.
    Shin, S., Jung, J., Balakrishnan, H.: Malware Prevalence in the KaZaA File-Sharing Network. In: 6th ACM SIGCOMM Internet Measurement Conference, pp. 333–338. ACM Press, New York (2006)Google Scholar
  4. 4.
    Xie, L., Song, H., Zhu, S.: On the Effectiveness of Internal Patching Against File-Sharing Worms. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 1–20. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Brumley, D., Liu, L., Poosankam, P., Song, D.: Design Space and Analysis of Worm Defense Strategies. In: ACM Symposium on Information, Computer and Communication Security, pp. 125–137. ACM Press, New York (2006)Google Scholar
  6. 6.
    Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: 11th USENIX Security Symposium, pp. 149–167. USENIX Association, Berkeley (2002)Google Scholar
  7. 7.
    Thommes, R., Coates, M.: Epidemiological Modeling of Peer-to-Peer Viruses and Pollution. In: IEEE INFOCOM 2006, pp. 1–12. IEEE Press, Piscataway (2006)CrossRefGoogle Scholar
  8. 8.
    Stutzbach, D., Zhao, S., Rejaie, R.: Characterizing Files in the Modern Gnutella Network: A Measurement Study. Multimedia Systems 13, 35–50 (2007)CrossRefGoogle Scholar
  9. 9.
    Stutzbach, D., Rejaie, R., Sen, S.: Characterizing Unstructured Overlay Topologies in Modern P2P File-Sharing Systems. IEEE/ACM Transactions on Networking 16, 267–280 (2008)CrossRefGoogle Scholar
  10. 10.
    Gummadi, K.P., Dunn, R.J., Saroiu, S., Gribble, S.D., Levy, H.M., Zahorjan, J.: Measurement, Modeling, and Analysis of a Peer-to-Peer File-Sharing Workload. In: 19th ACM Symposium on Operating System Principles, pp. 314–329. ACM Press, New York (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Xiaofeng Nie
    • 1
  • Jiwu Jing
    • 1
  • Yuewu Wang
    • 1
  1. 1.State Key Laboratory of Information SecurityGraduate University of Chinese Academy of SciencesBeijingChina

Personalised recommendations