A Distributed Framework for Passive Worm Detection and Throttling in P2P Networks

We analyse existing worm and patch propagation models alongside the ones we have developed and evaluated as part of our ongoing passive P2P worm and patch modelling project. This is followed by a brief discussion of worm detection mechanisms proposed by various authors. At the end of the article, we propose a distributed framework for passive worm throttling in P2P networks and discuss its feasibility and efficiency in light of different design considerations.
