Skip to main content
SpringerLink
Log in

Proactive worm propagation modeling and analysis in unstructured peer-to-peer networks

  • Networks
  • Published:
Journal of Zhejiang University SCIENCE C Aims and scope Submit manuscript

Abstract

It is universally acknowledged by network security experts that proactive peer-to-peer (P2P) worms may soon engender serious threats to the Internet infrastructures. These latent threats stimulate activities of modeling and analysis of the proactive P2P worm propagation. Based on the classical two-factor model, in this paper, we propose a novel proactive worm propagation model in unstructured P2P networks (called the four-factor model) by considering four factors: (1) network topology, (2) countermeasures taken by Internet service providers (ISPs) and users, (3) configuration diversity of nodes in the P2P network, and (4) attack and defense strategies. Simulations and experiments show that proactive P2P worms can be slowed down by two ways: improvement of the configuration diversity of the P2P network and using powerful rules to reinforce the most connected nodes from being compromised. The four-factor model provides a better description and prediction of the proactive P2P worm propagation.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Adamic, L.A., Lukose, R.M., Puniyani, A.R., Huberman, B.A., 2001. Search in power-law networks. Phys. Rev. E, 64(4): 461351–461358. [doi:10.1103/PhysRevE.64.046135]

    Article  Google Scholar 

  • Albert, R., Jeong, H., Barabdsi, A.L., 2000. Error and attack tolerance of complex networks. Nature, 406(6794): 378–382. [doi:10.1038/35019019]

    Article  Google Scholar 

  • Bu, T., Towsley, D., 2002. On Distinguishing Between Internet Power Law Topology Generators. Proc. IEEE Conf. on Computer Communications, p.638–647. [doi:10.1109/INFCOM.2002.1019309]

  • Chen, G., Gray, R.S., 2006. Simulating Non-Scanning Worms on Peer-to-Peer Networks. Proc. 1st Int. Conf. on Scalable Information Systems, p.29–41. [doi:10.1145/1146847.1146876]

  • Cohen, R., Erez, K., Avraham, D.B., Havlin, S., 2000. Resilience of the Internet to random breakdowns. Phys. Rev. Lett., 85(21):4626–4628. [doi:10.1103/PhysRevLett.85.4626]

    Article  Google Scholar 

  • Cowie, J., Ogielski, A., Premore, B., Yuan, Y., 2001. Global Routing Instabilities During Code Red II and Nimda Worm Propagation. Available from http://www.renesys.com/projects/bgpinstability [Accessed on Aug. 8, 2002].

  • eEye Digital Security, 2001a. Analysis:.ida “Code Red” Worm. Available from http://www.eeye.com/html/Research/Advisories/AL20010717.html [Accessed on Mar. 22, 2008].

  • eEye Digital Security, 2001b. Analysis: Code Red II Worm. Available from http://www.eeye.com/html/Research/Advisories/AL20010804.html [Accessed on Sept. 12, 2005].

  • F-secure, 2004. Mydoom. Available from http://www.f-secure.com/tools [Accessed on Mar. 17, 2005].

  • Feng, C., Qin, Z., Cuthbet, L., Tokarchuk, L., 2008. Propagation Model of Active Worms in P2P Networks. Proc. 9th Int. Conf. for Young Computer Scientists, p.1908–1912. [doi:10.1109/ICYCS.2008.237]

  • Frauenthal, J.C., 1980. Mathematical Modeling in Epidemiology. Springer-Verlag, New York, p.1–7.

    MATH  Google Scholar 

  • Khiat, N., Charlinet, Y., Agoulmine, N., 2006. The Emerging Threat of Peer-to-Peer Worms. Proc. 1st EEE Workshop on Monitoring, Attack Detection and Mitigation, p.1–3.

  • Li, Z., Zhang, Y., Hu, Z., Lin, H., Lu, C., 2009. Network-Based Detection Method Against Proactive P2P Worms Leveraging Application-Level Knowledge. Proc. 1st Int. Workshop on Education Technology and Computer Science, p.575–580. [doi:10.1109/ETCS.2009.661]

  • McIlwraith, D., Paquier, M., Kotsovinos, E., 2008. Di-Jest: Autonomic Neighbour Management for Worm Resilience in P2P Systems. Proc. IEEE Int. Symp. on a World of Wireless, Mobile and Multimedia Networks. [doi:10.1109/WOWMOM.2008.4594898]

  • Nie, X., Wang, Y., Jing, J., Liu, Q., 2008. Understanding the Impact of Overlay Topologies on Peer-to-Peer Worm Propagation. Proc. Int. Conf. on Computer Science and Software Engineering, p.863–867. [doi:10.1109/CSSE.2008.610]

  • Random Nut, 2003. The PACKET 0’ DEATH FastTrack Network Vulnerability. Available from http://archive.cert.uni-stuttgart.de/bugtraq/2003/05/msg00277.html [Accessed on June 18, 2005].

  • Ratnasamy, S., Francis, P., Handley, M., Karp, R., Shenker, S., 2001. A scalable content addressable network. ACM SIGCOMM Comput. Commun. Rev., 31(4):161–172. [doi:10.1145/964723.383072]

    Article  Google Scholar 

  • Ripeanu, M., Foster, I., 2002. Mapping the gnutella network: macroscopic properties of large-scale peer-to-peer systems. LNCS, 2429:85–93. [doi:10.1007/3-540-45748-8]

    Google Scholar 

  • Rowstron, A., Druschel, P., 2001. Pastry: scalable, decentralized object location and routing for large-scale peer-to-peer systems. LNCS, 2218:329–350. [doi:10.1007/3-540-45518-3]

    Google Scholar 

  • Silvey, P., Hurwitz, L., 2004. Adapting Peer-to-Peer Topologies to Improve System Performance. Proc. Hawaii Int. Conf. on System Sciences, p.3117–3126.

  • Singer, M., 2002. Benjamin Worm Plagues KaZaA. Available from http://www.internetnews.com/bus-news/article.php/3531_1141841 [Accessed on Nov. 3, 2008].

  • Sourceforge, 2009. PeerSim P2P Simulator. Available from http://peersim.sourceforge.net [Accessed on Nov. 3, 2008].

  • Staniford, S., Paxson, V., Weaver, N., 2002. How to Own the Internet in Your Spare Time. Proc. 11th USENIX Security Symp., p.149–167.

  • Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H., 2001. Chord: a scalable peer-to-peer lookup service for Internet applications. ACM SIGCOMM Comput. Commun. Rev., 31(4):149–160. [doi:10.1145/964723.383071]

    Article  Google Scholar 

  • Thommes, R., Coates, M., 2006. Epidemiological Modeling of Peer-to-Peer Viruses and Pollution. Proc. 25th IEEE Int. Conf. on Computer Communications, p.181–192.

  • Wang, L., Zhao, X., Pei, D., Bush, R., Massey, D., Mankin, A., Wu, S., Zhang, L., 2002. Observation and Analysis of BGP Behavior under Stress. Proc. 2nd ACM SIGCOMM Workshop on Internet Measurment, p.183–195. [doi:10.1145/637201.637231]

  • Wang, Y., Wang, C., 2003. Modeling the Effects of Timing Parameters on Virus Propagation. ACM Workshop on Rapid Malcode, p.61–66. [doi:10.1145/948187.948198]

  • Xia, C., Shi, Y., Li, X., Gao, W., 2007. P2P worm detection based on application identification. Front. Comput. Sci. China, 1(1):114–122. [doi:10.1007/s11704-007-0010-7]

    Article  Google Scholar 

  • Yu, W., Chellappan, S., Wang, X., Xuan, D., 2006. On Defending Peer-to-Peer System-Based Proactive Worm Attacks. Proc. IEEE Global Telecommunications Conf., p.1757–1761.

  • Yu, W., Chellappan, S., Wang, X., Xuan, D., 2008. Peer-to-peer system-based active worm attacks: modeling, analysis and defense. Comput. Commun., 31(17): 4005–4017. [doi:10.1016/j.comcom.2008.08.008]

    Article  Google Scholar 

  • Zhang, Y., Li, Z., Hu, Z., Huang, Q., Lu, C., 2008. Evolutionary Proactive P2P Worm: Propagation Modeling and Simulation. Proc. 2nd Int. Conf. on Genetic and Evolutionary Computing, p.261–264. [doi:10.1109/WGEC.2008.75]

  • Zhao, B., Huang, L., Stribling, J., Rhea, S.C., Joseph, A.D., Kubiatowicz, J., 2004. Tapestry: a resilient global-scale overlay for service deployment. IEEE J. Sel. Areas Commun., 22(1):41–53. [doi:10.1109/JSAC.2003.818784]

    Article  Google Scholar 

  • Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., Chien, S., 2005. A First Look at Peer-to-Peer Worms: Threats and Defenses. Proc. 4th Int. Workshop of Peer-to-Peer Systems, p.24–35.

  • Zhou, Y., Wu, Z., Wang, H., Zhong, J., Feng, Y., Zhu, Z., 2006. Breaking Monocultures in P2P Networks for Worm Prevention. Proc. Int. Conf. on Machine Learning and Cybernetics, p.2793–2798. [doi:10.1109/ICMLC.2006.259000]

  • Zou, C.C., Gong, W., Towsley, D., 2002. Code Red Worm Propagation Modeling and Analysis. Proc. 9th ACM Conf. on Computer and Communication Security, p.138–147. [doi:10.1145/586110.586130]

  • Zou, C.C., Towsley, D., Weibo, G., 2003. On the performance of Internet worm scanning strategies. Perform. Eval., 63(7):700–723. [doi:10.1016/j.peva.2005.07.032]

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science & Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China

    Xiao-song Zhang, Ting Chen & Jiong Zheng

  2. Unit 78155 of People’s Liberation Army, Chengdu, 610016, China

    Hua Li

Authors
  1. Xiao-song Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ting Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jiong Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hua Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ting Chen.

Additional information

Project (No. 09511501600) partially supported by the Science and Technology Commission of Shanghai Municipality, China

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zhang, Xs., Chen, T., Zheng, J. et al. Proactive worm propagation modeling and analysis in unstructured peer-to-peer networks. J. Zhejiang Univ. - Sci. C 11, 119–129 (2010). https://doi.org/10.1631/jzus.C0910488

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1631/jzus.C0910488

Key words

CLC number

Search

Navigation