Defending against the Propagation of Active Worms

Recently, active worms such as the Code Red worm of 2001 and the Slammer worm of 2003, both of which adopted the uniform scanning approach, have caused significant financial loss due to their rapid propagation over the Internet. Current defense mechanisms, due to their inherent drawbacks, respond too slowly compared to the propagation of active worms which scan uniformly. This paper presents the results from our study on defending against the propagation of active worms which employ the uniform scanning approach. Our major contributions in this paper are first, we proposed a novel defense mechanism and compared it to other defense mechanisms; and second, we evaluated the effectiveness of this defense mechanism using results of the simulation experiments conducted and found the appropriate value of one of its parameters. In the future, detailed implementation of the proposed defense mechanism is to be studied.