Abstract
Addressing the problem overlooked by those continuous time worm propagation models, namely it must take each worm instance a certain period of time delay to completely infect a targeted vulnerable host after it has scanned the host, the paper analyzes in depth the reasons which cause the well-known discrete time AAWP model also overestimating the spread speed of active worm propagations. Then the paper puts forward a more proper states transition of vulnerable hosts during active worm propagations. Last but the most important, a new model named Optimized-AAWP is proposed with more reasonable understanding of this time delay, i.e. infection time of a worm, in each round of worm infection. The simulation results show that the Optimized-AAWP model can reflect the important effect of infection time on active worm propagations more accurately.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
DVLabs, TippingPoint IPS and Application Security Center. SECURE Your Network: 2010 Full Year Top Cyber Security Risk Report, Tech. Rep., HP Corporation (2011)
Weaver, N., Paxson, V., Staniford, S., Cunningham, R.: A Taxonomy of Computer Worms. In: Proceedings of the 1st ACM Workshop on Rapid Malcode (WORM 2003), Washington DC, USA, pp. 11–18 (2003)
Staniford, S., Paxson, V., Weaver, N.: How to 0wn the Internet in Your Spare Time. In: Proceedings of the 11th USENIX Security Symposium (Security 2002), San Francisco, CA, USA, pp. 149–167 (2002)
Weaver, N.: Potential Strategies for High Speed Active Worms: A Worst Case Analysis, White Paper, BRASS Group, UC Berkeley (2002)
Wu, J., Vangala, S., Gao, L., et al.: An Effective Architecture and Algorithm for Detecting Worms with Various Scan Techniques. In: Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS 2004), San Diego, CA, USA, pp. 143–156 (2004)
Scandariato, R., Knight, J.C.: The Design and Evaluation of a Defense System of Internet Worms. In: Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems (SRDS 2004), Florianpolis, Brazil, pp. 164–173 (2004)
Daley, D.J., Gani, J.: Epidemic Modeling: An Introduction, pp. 120–126. Canbridge University Press, Cambridge (1999)
Kephart, J.O., White, S.R.: Measuring and Modeling Computer Virus Prevalence. In: Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, USA, pp. 2–3 (1993)
Frauenthal, J.C.: Mathematical Modeling in Epidemiology, pp. 78–93. Springer, New York (1980)
Zou, C., Gong, W., Towsley, D.: Code Red Worm Propagation Modeling and Analysis. In: Proceedings of the 9th ACM Conference on Computer and Communication Security, Washington DC, USA, pp. 143–148 (2002)
Chen, Z., Gao, L., Kwiat, K.: Modeling the Spread of Active Worms. In: Proceedings of IEEE INFOCOM 2003, San Franciso, CA, USA, pp. 1890–1900 (2003)
Chen, Z., Chen, C., Ji, C.: Understanding localized-scanning worms. In: Proceedings of 26th IEEE International Performance Computing and Communications Conference (IPCCC 07), New Orleans, LA, pp. 186–193 (2007)
Chen, C., Chen, Z., Li, Y.: Characterizing and Defending against Divide-conquer-scanning Worms. Computer Networks 54(18), 3210–3222 (2010)
Chen, Z., Ji, C.: Optimal worm-scanning method using vulnerable-host distributions. International Journal of Security and Networks 2(1), 71–80 (2007)
Choi, Y.H., Liu, P., Seo, S.W.: Creation of the importance scanning worm using information collected by Botnets. Computer Communications 33(6), 676–688 (2010)
Zou, C.C., Towsley, D., Gong, W.: On the Performance of Internet Worm Scanning Strategies. Journal of Performance Evaluation 63(7), 700–723 (2006)
Rajab, M., Monrose, F., Terzis, A.: On the Effectiveness of Distributed Worm Monitoring. In: Proceedings of the 14 th USENIX Security Symposium, Baltimore, MD, USA, pp. 225–237 (2005)
Rajab, M., Monrose, F., Terzis, A.: On the Impact of Dynamic Addressing on Malware Propagation. In: Proceedings of the 2006 ACM Workshop on Recurring Malcode (WORM), Alexandria, VA, USA, pp. 145–153 (2006)
Chen, Z., Chen, C.: Heterogeneity in vulnerable hosts slows down worm propagation. In: Global Communications Conference (GLOBECOM 2012), pp. 923–928 (2012)
Liu, B., Wang, H., Xiao, F., Chen, X.: Enhanced-AAWP, a heterogeneous networkoriented worm propagation model. Journal on Communications 32(12), 103–113 (2011) (in Chinese with English abstract)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, H., Ma, X., Wang, T., Ding, B., Lu, Q. (2014). Modeling the Effect of Infection Time on Active Worm Propagations. In: Batten, L., Li, G., Niu, W., Warren, M. (eds) Applications and Techniques in Information Security. ATIS 2014. Communications in Computer and Information Science, vol 490. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45670-5_12
Download citation
DOI: https://doi.org/10.1007/978-3-662-45670-5_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45669-9
Online ISBN: 978-3-662-45670-5
eBook Packages: Computer ScienceComputer Science (R0)