posted on 2011-01-01, 00:00authored byYini Wang, Sheng Wen, Yang Xiang
There are the two common means for propagating worms: scanning vulnerable computers in the network and sending out malicious email attachments. Modeling the propagation of worms can help us understand how worms spread and devise effective defence strategies. Most traditional models simulate the overall scale of infected network in each time tick, making them invalid for examining deep inside the propagation procedure among individual nodes. For this reason, this paper proposes a novel probability matrix to model the propagation mechanism of the two main classes of worms (scanning and email worms) by concentrating on the propagation probability. The objective of this paper is to access the spreading and work out an effective scheme against the worms. In order to evaluate the effects of each major component in our probability model, we implement a series of experiments for both worms. From the results, the network administrators can make decision on how to reduce the number of vulnerable nodes to a certain threshold for scanning worms, and how to immunize the highly-connected node for preventing worm's propagation for email worms.
History
Event
Network and System Security. Conference (5th : 2011 : Milan, Italy)