The large-scaled worm infestation promotes the investigation of worm character. The current research of worm character can be classified into three categories: mathematical modeling of worm, emulation based on testbed, and package level worm simulation. However, in spite of the higher accuracy, the latter two methods require a high power of memory and computation, which poses a challenge to the large-scaled worm simulation. To solve this problem, a hybrid model of simulation was proposed with a selective abstraction. The hybrid worm simulation is a combination of mathematics analysis and package level simulation, achieving a better compromise between accuracy and efficiency. However, existing hybrid simulation framework still has some limitations, because the mathematic model of it can not consider the effect of defense and network congestion very well. In order to improve the accuracy of hybrid worm simulation, the current study proposes a novel method based on a two-factor model and provides experimental evidence of the higher accuracy of simulation by using the new method.
[1]
Vern Paxson,et al.
How to Own the Internet in Your Spare Time
,
2002,
USENIX Security Symposium.
[2]
J. Frauenthal.
Mathematical Modeling in Epidemiology
,
1980
.
[3]
G. Kesidis,et al.
Emulation of “single-packet” UDP Scanning Worms in Large Enterprises
,
2005
.
[4]
Donald F. Towsley,et al.
Code red worm propagation modeling and analysis
,
2002,
CCS '02.
[5]
Srikanth Sundaragopalan,et al.
High-fidelity modeling of computer network worms
,
2004,
20th Annual Computer Security Applications Conference.
[6]
David M. Nicol,et al.
A mixed abstraction level simulation model of large-scale Internet worm infestations
,
2002,
Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems.
[7]
David M. Nicol,et al.
Multiscale Modeling and Simulation of Worm Effects on the Internet Routing Infrastructure
,
2003,
Computer Performance Evaluation / TOOLS.