Abstract
A new approach to fight against Internet worms through the use the worm-killing worm has been presented. This paper attempts to model the interaction between the two worms using the divide-and-conquer strategy. We extends the idea of the killer-worm and divide it into three basic types. 1) Patching type: It only installs the patches on the susceptible machines; 2) Predator type: It only kills the worm (it may also patch the infected machines); 3) Composition type: It does both the jobs. The state transition diagram of the two worms and a mathematical model for every type are given. The results by dynamic simulation with the help of MATLAB are obtained.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Spafford, E.H.: The internet worm incident. In: Ghezzi, C., McDermid, J.A. (eds.) ESEC 1989. LNCS, vol. 387. Springer, Heidelberg (1989)
eEye Digital Security, ANALYSIS: .ida “Code Red Worm”, http://www.eeye.com/html/Research/Advisories/AL20010717.html
eEye Digital Security, ANALYSIS: CodeRed II Worm, http://www.eeye.com/html/Research/Advisories/AL20010804.html
Russell, R., Machie, A.: Code Red II Worm. Tech. Rep, Incident Analysis, Secrity Focus (August 2001)
Machie, A., Roculan, J., Russell, R., Velzen, M.V.: Nimda Worm Analysis, Tech. Rep, Inci-dent Analysis, Security Focus (September 2001)
CERT/CC, CERT®̂ Advisory CA-2001-26, Nimda Worm, http://www.cert.org/advisories/CA-2001-26.html
CERT/CC, CERT®̂ Advisory CA-2003-04 MS-SQL Server Worm, http://www.cert.org/advisories/CA-2003-04.html
Moore, D., et al.: The spread of the Sapphire/Slammer worm, a NANOG presentation, http://www.nanog.org/mtg-0302/ppt/worm.pdf
EEye Digital Security. Blaster worm analysis (2003), http://www.eeye.com/html/Research/Advisories/AL20030811.html
CCERT, CCERT advisory on W32.Sasser, http://www.ccert.edu.cn/notice/show.php?handle=102 (in Chinese)
db.Kingsoft.com., Worms report (2004), http://db.kingsoft.com/c/2004/12/29/164830.shtml (in Chinese)
Toyoizumi, H., Kara, A.: Predators: good will mobile codes combat against computer vi-ruses, New Security Paradigms Workshop 2002, Virginia Beach, USA, September 23-26 (2002)
Herbert HexXer, Code Green, http://www.securityfocus.com/archive/82/211428
CCERT, CCERT advisory on W32, Nachi.Worm, http://www.ccert.edu.cn/announce/show.php?handle=93 (in Chinese)
Knowles, D., Perriot, F., Szor, P.: Symantec security response: W32/Nachi.A, http://www.f-prot.com/virusinfo/descriptions/nachi_A.html
Zou, C.C., Gong, W., Towsley, D.: On the performance of Internet worm scanning strategies, Technical Report, TR-03-CSE-07, Electrical and Computer Engineering Department, Uni-versity of Massachusetts (2003)
Frauenthal, J.C.: Mathematical Modeling in Epidemiology, New York. Springer, Heidelberg (1980)
Zou, C.C., Gong, W., Towsley, D.: Code Red worm propagation modeling and analysis. In: Proc. of the 9th ACM Symp. on Computer and Communication Security, Washington, pp. 138–147 (2002)
Feng, Y., Haixin, D., Xing, L.: Modeling and analysis on the interaction between the Internet worm and anti-worm. SCIENCE IN CHINA Ser. E Information Sciences 34(8), 841–856 (2004) (in Chinese)
Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: 11th Usenix Security Symposium, San Francisco (August 2002)
Zou, C.C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for Internet worms, Technical Report, TR-CSE-03-01, Electrical and Computer Engineering Department, Uni-versity of Massachusetts (2003)
Wen, W.P., Qin, S.H., Jiang, J.C., Wang, Y.J.: Research and Development of Internet Worms. J. of Software 15(8), 1208–1219 (2004) (in Chinese)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wu, D., Long, D., Wang, C., Guan, Z. (2005). Modeling and Analysis of Worm and Killer-Worm Propagation Using the Divide-and-Conquer Strategy. In: Hobbs, M., Goscinski, A.M., Zhou, W. (eds) Distributed and Parallel Computing. ICA3PP 2005. Lecture Notes in Computer Science, vol 3719. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11564621_43
Download citation
DOI: https://doi.org/10.1007/11564621_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29235-7
Online ISBN: 978-3-540-32071-5
eBook Packages: Computer ScienceComputer Science (R0)