Modeling the propagation of Peer-to-Peer worms

Propagation of Peer-to-Peer (P2P) worms in the Internet is posing a serious challenge to network security research because of P2P worms' increasing complexity and sophistication. Due to the complexity of the problem, no existing work has solved the problem of modeling the propagation of P2P worms, especially when quarantine of peers is enforced. This paper presents a study on modeling the propagation of P2P worms. It also presents our applications of the proposed approach in worm propagation research. Motivated by our aspiration to invent an easy-to-employ instrument for worm propagation research, the proposed approach models the propagation processes of P2P worms by difference equations of a logic matrix, which are essentially discrete-time deterministic propagation models of P2P worms. To the best of our knowledge, we are the first using a logic matrix in network security research in general and worm propagation modeling in particular. Our major contributions in this paper are firstly, we propose a novel logic matrix approach to modeling the propagation of P2P worms under three different conditions; secondly, we find the impacts of two different topologies on a P2P worm's attack performance; thirdly, we find the impacts of the network-related characteristics on a P2P worm's attack performance in structured P2P networks; and fourthly, we find the impacts of the two different quarantine tactics on the propagation characteristics of P2P worms in unstructured P2P networks. The approach's ease of employment, which is demonstrated by its applications in our simulation experiments, makes it an attractive instrument to conduct worm propagation research.

[1]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[2]  Chuanyi Ji,et al.  A self-learning worm using importance scanning , 2005, WORM '05.

[3]  Tamer Basar,et al.  Stochastic behavior of random constant scanning worms , 2005, Proceedings. 14th International Conference on Computer Communications and Networks, 2005. ICCCN 2005..

[4]  Don Towsley,et al.  Routing worm: a fast, selective attack worm based on IP address information , 2005, Workshop on Principles of Advanced and Distributed Simulation (PADS'05).

[5]  J. Frauenthal Mathematical Modeling in Epidemiology , 1980 .

[6]  Wei Yu Analyze the worm-based attack in large scale P2P networks , 2004, Eighth IEEE International Symposium on High Assurance Systems Engineering, 2004. Proceedings..

[7]  Yang Xiang,et al.  Propagation of active worms: A survey , 2009, Comput. Syst. Sci. Eng..

[8]  H. Andersson,et al.  Stochastic Epidemic Models and Their Statistical Analysis , 2000 .

[9]  Eugene H. Spafford,et al.  The internet worm program: an analysis , 1989, CCRV.

[10]  Yang Wang,et al.  Modeling the effects of timing parameters on virus propagation , 2003, WORM '03.

[11]  R. May,et al.  Infectious Diseases of Humans: Dynamics and Control , 1991, Annals of Internal Medicine.

[12]  Daryl J. Daley,et al.  Epidemic Modelling: An Introduction , 1999 .

[13]  Chuanyi Ji,et al.  Importance-scanning worm using vulnerable-host distribution , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[14]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[15]  Donald F. Towsley,et al.  Code red worm propagation modeling and analysis , 2002, CCS '02.

[16]  Donald F. Towsley,et al.  On the performance of Internet worm scanning strategies , 2006, Perform. Evaluation.

[17]  Kevin A. Kwiat,et al.  Modeling the spread of active worms , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[18]  N. Ling The Mathematical Theory of Infectious Diseases and its applications , 1978 .

[19]  Robert K. Cunningham,et al.  A taxonomy of computer worms , 2003, WORM '03.

[20]  Iván Arce,et al.  An Analysis of the Slapper Worm , 2003, IEEE Secur. Priv..

[21]  Norman T. J. Bailey,et al.  The Mathematical Theory of Infectious Diseases , 1975 .

[22]  Saurabh Bagchi,et al.  Modeling and automated containment of worms , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).