A Worm Containment Model Based on Neighbor-Alarm

Fu, Jianming; Chen, Binglan; Zhang, Huanguo

doi:10.1007/978-3-540-73547-2_46

Jianming Fu^1,2,
Binglan Chen¹ &
Huanguo Zhang¹

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4610))

Included in the following conference series:

International Conference on Autonomic and Trusted Computing

828 Accesses
2 Citations

Abstract

How to detect and contain worms is an open issue as worm becomes a major threat to network security nowadays. Based on the help between neighbors in social network, this paper presents a model to mitigate the rapid spread of worms, and describes its dynamic equation. Since the performance of our model depends on the trust between neighbors, a method to calculate the trust is given in this paper. TPM can protect the authenticity of trust between neighbors, and thus decrease the worm propagation. Experimental results demonstrate that this model can greatly suppress the propagation of worms.

Supported by the National Natural Science Foundations of China under Grant No.60673071 and No.60633020, and by Hi-Tech Research and Development Foundations of China under Grant No.2006AA01Z442, and by Hubei Natural Science Foundations of China under Grant No.2005AA101C44.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Nachenberg, C.: From AntiVirus to AntiWorm: A New Strategy for A New Threat Landscape[R]. In: Proceedings of ACM Workshop on Rapid Malcode WORM 2004, USA (2004)
Google Scholar
Zou, C.C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for Internet worms. Technical Report, TR-CSE-03-01, Electrical and Computer Engineering Department, University of Massachusetts (2003)
Google Scholar
Singh, S., et al.: Automated Worm Fingerprinting. In: Proceedings of Usenix Symp. Operating System Design and Implementation, Usenix Assoc. pp. 45–60 (2004)
Google Scholar
Kim, H.A., Karp, B.: Autograph: Toward Automated Distributed Worm Signature Detection. In: Proceedings of Usenix Security Symp., Usenix Assoc. pp. 271–286 (2004)
Google Scholar
Cai, M., Hwang, K., et al.: Fast Internet Worm Containment. IEEE Security and Privacy (2005)
Google Scholar
Zou, C.C., et al.: Monitoring and Early Warning for Internet Worms. In: Proceedings of 10th ACM Conf. Computer and Comm. Security CCS 2003, pp. 190–199. ACM Press, New York (2003)
Chapter Google Scholar
Wang, H.J., et al.: Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits. In: Proceedings of ACM SIGCOMM, ACM Press, New York (2004)
Google Scholar
Sandhu, R., Xinwen, Z.: Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In: Proceedings of SACMAT 2005, Stockholm, Sweden (2005)
Google Scholar
Whyte, D., Kranakis, E., van Oorschot, P.: DNS based detection of scanning worms in an enterprise network. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium (2005)
Google Scholar
Feng, Y., Haixin, D., Xing, L.: Modeling and analyzing interaction between worm and antiworm in network worm spread. SCIENCE IN CHINA SERIES E 34(8), 841–856 (2004)
Google Scholar
Lidong, Z., Lintao, Z., Frank, M., Nicole, I., Manuel, C., Steve, C.: A first look at Peer-to-Peer Worms: Threats and Defense. In: Proceedings of the Peer-to-Peer Systems 4th International Workshop. Ithaca, NY, USA, pp. 24–35 (2005)
Google Scholar
Jianming, F., Zhiyi, H., Binglan, C., Jingsong, C.: Containing Worm Based on Immune-group in Scale-free P2P. In: Proceedings of the First International Conference on Complex Systems and Applications, Huhhot, China, pp. 945–949 (2006)
Google Scholar
Pastor Satorras, R., Vespignani, A.: Immunization of complex networks. Phys. Rev. E (2002)
Google Scholar
Reuven, C., Shlomo, H., Danie, B.A.: Efficient Immunization Strategies for Computer Networks and Populations. Phys. Rev. Lett. (2003)
Google Scholar
Weaver, N., Staniford, S., Paxson, V.: Very Fast Containment of Scanning Worms, In: Proceedings of 13th Usenix Security Symp., Usenix Assoc. pp. 29–44 (2004)
Google Scholar

Download references

Author information

Authors and Affiliations

School of Computer, Wuhan University, Wuhan 430072, P.R.China
Jianming Fu, Binglan Chen & Huanguo Zhang
The State Key Lab of Software Engineering, Wuhan University, Wuhan 430072, P.R.China
Jianming Fu

Authors

Jianming Fu
View author publications
You can also search for this author in PubMed Google Scholar
Binglan Chen
View author publications
You can also search for this author in PubMed Google Scholar
Huanguo Zhang
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Bin Xiao Laurence T. Yang Jianhua Ma Christian Muller-Schloer Yu Hua

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Fu, J., Chen, B., Zhang, H. (2007). A Worm Containment Model Based on Neighbor-Alarm. In: Xiao, B., Yang, L.T., Ma, J., Muller-Schloer, C., Hua, Y. (eds) Autonomic and Trusted Computing. ATC 2007. Lecture Notes in Computer Science, vol 4610. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73547-2_46

Download citation

DOI: https://doi.org/10.1007/978-3-540-73547-2_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73546-5
Online ISBN: 978-3-540-73547-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics