Abstract
The availability of reliable models of computer virus propagation would prove useful in a number of ways, in order both to predict future threats, and to develop new containment measures. In this paper, we review the most popular models of virus propagation, analyzing the underlying assumptions of each of them, their strengths and their weaknesses. We also introduce a new model, which extends the Random Constant Spread modeling technique, allowing us to draw some conclusions about the behavior of the Internet infrastructure in presence of a self-replicating worm. A comparison of the results of the model with the actual behavior of the infrastructure during recent worm outbreaks is also presented.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cohen, F.: Computer Viruses. PhD thesis, University of Southern California (1985)
Cohen, F.: Computer viruses – theory and experiments. Computers & Security 6, 22–35 (1987)
Power, R.: 2003 csi/fbi computer crime and security survey. In: Computer Security Issues & Trends, vol. VIII, Computer Security Institute (2002)
White, S.R.: Open problems in computer virus research. In: Proceedings of the Virus Bulletin Conference (1998)
Staniford, S., Paxson, V., Weaver, N.: How to 0wn the internet in your spare time. In: Proceedings of the 11th USENIX Security Symposium (Security 2002) (2002)
Whalley, I., Arnold, B., Chess, D., Morar, J., Segal, A., Swimmer, M.: An environment for controlled worm replication and analysis. In: Proceedings of the Virus Bulletin Conference (2000)
Calzarossa, M.C.: Performance Evaluation of Mail Systems. In: Calzarossa, M.C., Gelenbe, E. (eds.) MASCOTS 2003. LNCS, vol. 2965, pp. 51–67. Springer, Heidelberg (2004)
Gelenbe, E., Lent, R., Gellman, M., Liu, P., Su, P.: CPN and QoS Driven Smart Routing in Wired and Wireless Networks. In: Calzarossa, M.C., Gelenbe, E. (eds.) MASCOTS 2003. LNCS, vol. 2965, pp. 68–87. Springer, Heidelberg (2004)
Spafford, E.H.: Crisis and aftermath. Communications of the ACM 32, 678–687 (1989)
Kephart, J.O., White, S.R.: Directed-graph epidemiological models of computer viruses. In: IEEE Symposium on Security and Privacy, pp. 343–361 (1991)
Hethcote, H.W.: The mathematics of infectious diseases. SIAM Review 42, 599–653 (2000)
Billings, L., Spears, W.M., Schwartz, I.B.: A unified prediction of computer virus spread in connected networks. Physics Letters A, 261–266 (2002)
Zou, C.C., Towsley, D., Gong, W.: Email virus propagation modeling and analysis. Technical Report TR-CSE-03-04 (University of Massachussets, Amherst)
Permeh, R., Maiffret, M.: ida ’code red’ worm. Advisory AL20010717 (2001)
Permeh, R., Maiffret, M.: Code red disassembly. Assembly code and research paper (2001)
Permeh, R., Hassell, R.: Microsoft i.i.s. remote buffer overflow. Advisory AD20010618 (2001)
Levy, E.A.: Smashing the stack for fun and profit. Phrack magazine 7 (1996)
Craig Labovitz, A.A., Bailey, M.: Shining light on dark address space. Technical report, Arbor networks (2001)
Moore, D., Shannon, C., Brown, J.: Code-red: a case study on the spread and victims of an internet worm. In: Proceedings of the ACM SIGCOMM/USENIX Internet Measurement Workshop (2002)
Moore, D.: Network telescopes: Observing small or distant security events. In: Proceedings of the 11th USENIX Security Symposium (2002)
Chen, Z., Gao, L., Kwiat, K.: Modeling the spread of active worms. In: Proceedings of IEEE INFOCOM 2003 (2003)
Zou, C.C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for internet worms. In: Proceedings of the 10th ACM conference on Computer and communication security, pp. 190–199. ACM Press, New York (2003)
Zou, C.C., Gong, W., Towsley, D.: Code red worm propagation modeling and analysis. In: Proceedings of the 9th ACM conference on Computer and communications security, pp. 138–147. ACM Press, New York (2002)
Wang, C., Knight, J.C., Elder, M.C.: On computer viral infection and the effect of immunization. In: ACSAC, pp. 246–256 (2000)
Wang, Y., Wang, C.: Modelling the effects of timing parameters on virus propagation. In: Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM 2003) (2003)
Zou, C.C., Gong, W., Towsley, D.: Worm propagation modeling and analysis under dynamic quarantine defense. In: Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM 2003) (2003)
Moore, D., Shannon, C., Voelker, G.M., Savage, S.: Internet quarantine: Requirements for containing self-propagating code. In: INFOCOM (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Serazzi, G., Zanero, S. (2004). Computer Virus Propagation Models. In: Calzarossa, M.C., Gelenbe, E. (eds) Performance Tools and Applications to Networked Systems. MASCOTS 2003. Lecture Notes in Computer Science, vol 2965. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24663-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-24663-3_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21945-3
Online ISBN: 978-3-540-24663-3
eBook Packages: Springer Book Archive