Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Analysis of the Propagation Pattern of a Worm with Random Scanning Strategy Based on Usage Rate of Network Bandwidth

  • Conference paper
Information, Security and Cryptology – ICISC 2009 (ICISC 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5984))

Included in the following conference series:

  • 1273 Accesses

Abstract

There have been many studies on modeling the propagation patterns of Internet worms since the advent of Morris worm. Among them, there is a well defined propagation model, which is generally called random constant spread (RCS) model. However, there are some limitations to model the propagation patterns of new emergent Internet worms with the RCS model because the model uses the only number of infected hosts as the factor of a worm’s propagation. The new worms have several considerable characteristics: utilization of a faster scanning strategy, miniaturization of the size of a worm’s propagation packet, denial of service by network saturation, and maximum damage before human-mediated responses. These characteristics make it difficult to notice much harder than before whether a worm propagates itself or not. Therefore, a basic factor instead of the number of infected hosts, which is used by the RCS model, is required to model the propagation patterns of new worms. In this paper, only analysis and simulation results based on usage rate of network bandwidth, which can be considered as a basic factor, are presented about the propagation pattern of a worm with random scanning strategy. Miniaturization of the size of a propagation packet and utilization of a faster scanning strategy are related to the size of worm’s propagation packet and its propagation rate, respectively. It is presented that the latter is more sensitive than the former.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Morris worm, http://en.wikipedia.org/wiki/Morris_worm

  2. Bailey, N.T.J.: The Mathematical Theory of Epidemics, New York, Hafner (1957)

    Google Scholar 

  3. Hethcote, H.W.: The Mathematics of Infectious Diseases. SIAM Review 42(4), 599–653 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  4. Moore, D., Shannon, C., Voelker, G.M., Savage, S.: Internet Quarantine: Requirements for Containing Self-Propagating Code. In: Proc. of IEEE INFOCOM 2003 Conference, IEEE Press, Los Alamitos (2003)

    Google Scholar 

  5. Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: Proc. of the 11th USENIX Security Symposium, pp. 149–167 (2002)

    Google Scholar 

  6. Kienzle, D.M., Elder, M.C.: Recent worms: a survey and trends. In: Proc. of the 2003 ACM Workshop on Rapid Malcode, pp. 1–10 (2003)

    Google Scholar 

  7. Qing, S., Wen, W.: A survey and trends on Internet worms. In: Computers & Security, vol. 24, pp. 334–346. Elsevier Ltd., Amsterdam (2005)

    Google Scholar 

  8. Zou, C.C., Towsley, D., Gong, W., Cai, S.: Advanced Routing Worm and Its Security Challenges. Simulation 82(1), 75–85 (2006)

    Article  Google Scholar 

  9. Zou, C.C., Towsley, D., Gong, W.: Modeling and Simulation Study of the Propagation and Defense of Internet Email Worm. IEEE Transactions on Dependable and Secure Computing 4(2), 105–118 (2007)

    Article  Google Scholar 

  10. Provos, N., McClain, J., Wang, K.: Search Worms. In: Proc. of the 4th ACM Workshop on Recurring Malcode, pp. 1–8 (2006)

    Google Scholar 

  11. Kargl, F., Maier, J., Weber, M.: Protecting Web Servers from Distributed Denial of Service Attacks. In: Proc. of the 10th international conference on World Wide Web, pp. 514–524 (2001)

    Google Scholar 

  12. Zou, C.C., Gong, W., Towsley, D., Gao, L.: The monitoring and early detection of internet worms. IEEE/ACM Transactions on Networking (TON) 13(5), 961–974 (2005)

    Article  Google Scholar 

  13. Weaver, N.C.: Warhol Worms: The Potential for Very Fast Internet Plagues, http://www.iwar.org.uk/comsec/resources/worms/warhol-worm.htm

  14. Moore, D., Shannon, C.: Code-Red: a Case Study on the Spread and Victims of an Internet Worm. In: Proc. of the 2002 ACM SIGCOMM Internet Measurement Workshop, Marseille, France, pp. 273–284 (2002)

    Google Scholar 

  15. Frauenthal, J.C.: Mathematical Modeling in Epidemiology. Springer, New York (1980)

    MATH  Google Scholar 

  16. Zou, C.C., Gong, W., Towsley, D.: Code Red Worm Propagation Modeling and Analysis. In: Proc. of CCS 2002 (2002)

    Google Scholar 

  17. CAIDA (Cooperative Association for Internet Data Analysis), http://www.caida.org

  18. Zou, C.C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for Internet worms. In: Proc. of 10th ACM Conf. Comput. Commun. Security, Washington, DC (2003)

    Google Scholar 

  19. Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer Worm. IEEE Security & Privacy 1(4) (2003)

    Google Scholar 

  20. IANA (Internet Assigned Numbers Authority), http://www.iana.org

  21. The network simulator: NS-2, http://www.isi.edu/nsnam/ns

  22. The MathWorks, http://www.mathworks.com

Download references

Author information

Authors and Affiliations

  1. School of Information and Communication Engineering, Sungkyunkwan Univ., Suwon, 440-746, Republic of Korea

    Kwang Sun Ko, Hyunsu Jang, Byuong Woon Park & Young Ik Eom

Authors
  1. Kwang Sun Ko
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hyunsu Jang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Byuong Woon Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Young Ik Eom
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. CIST (Center for Information Security Technologies), Korea University Anam Dong, Sungbuk Gu, Seoul, Korea

    Donghoon Lee

  2. Center for Information Security Technologies(CIST), Korea University, Seoul, Korea

    Seokhie Hong

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ko, K.S., Jang, H., Park, B.W., Eom, Y.I. (2010). Analysis of the Propagation Pattern of a Worm with Random Scanning Strategy Based on Usage Rate of Network Bandwidth. In: Lee, D., Hong, S. (eds) Information, Security and Cryptology – ICISC 2009. ICISC 2009. Lecture Notes in Computer Science, vol 5984. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14423-3_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14423-3_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14422-6

  • Online ISBN: 978-3-642-14423-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation