Internet worm is harmful to network security,and it has become a research hotspot in recent years.A thorough survey on the propagation models and defense techniques of Internet worm is made in this paper.We first give...Internet worm is harmful to network security,and it has become a research hotspot in recent years.A thorough survey on the propagation models and defense techniques of Internet worm is made in this paper.We first give its strict definition and discuss the working mechanism.We then analyze and compare some repre-sentative worm propagation models proposed in recent years,such as K-M model,two-factor model,worm-anti-worm model(WAW),firewall-based model,quarantine-based model and hybrid benign worm-based model,etc.Some typical defense techniques such as virtual honeypot,active worm prevention and agent-oriented worm defense,etc.,are also discussed.The future direction of the worm defense system is pointed out.展开更多
Greedy propagation policy for unstructured P2P worms employs the neighboring node list of each node in peer-to-peer (P2P) network to speed up the propagation of P2P worms. After describing the technique background o...Greedy propagation policy for unstructured P2P worms employs the neighboring node list of each node in peer-to-peer (P2P) network to speed up the propagation of P2P worms. After describing the technique background of P2P worms, the algorithm of greedy propagation is addressed. Simulating design for this novel propagation policy is also described. Then, the effects of the greedy propagation policy on spreading speed, convergence speed, and attacking traffic in static P2P worms are simulated and discussed. The primary experimental results show that the greedy propagation is harmful and can bring severe damages to P2P network.展开更多
The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security.In this paper,by analyzing the worm's propagation model,we propose a new worm warning system based on the m...The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security.In this paper,by analyzing the worm's propagation model,we propose a new worm warning system based on the method of system identification,and use recursive least squares algorithm to estimate the worm's infection rate.The simulation result shows the method we adopted is an efficient way to conduct Internet worm warning.展开更多
The gradual hybrid anti-worm (GHAW) was presented. percentage of vulnerable hosts present in the network. For GHAW It changed its confrontation scheme in real time according to the its process of countering maliciou...The gradual hybrid anti-worm (GHAW) was presented. percentage of vulnerable hosts present in the network. For GHAW It changed its confrontation scheme in real time according to the its process of countering malicious internet worms was modeled. The performance of GHAW on two factors was also estimated: confronting validity against worms and consumption of network resources. Factors governing its performance, specifically the transformation threshold and the transformation rate, were analyzed. The simulation experiments show that GHAW has dynamical adaptability to changes of network conditions and offers the same level of effectiveness on confronting internet worms as the divide-and-rule hybrid anti-worm, with significantly less cost to network resources. The experiments also indicate that the transformation threshold is the key factor affecting the performance of GHAW.展开更多
Internet worms can propagate across networks at terrifying speeds,reduce network security to a remarkable extent,and cause heavy economic losses.Thus,the rapid elimination of Internet worms using partial immunization ...Internet worms can propagate across networks at terrifying speeds,reduce network security to a remarkable extent,and cause heavy economic losses.Thus,the rapid elimination of Internet worms using partial immunization becomes a significant matter for sustaining Internet infrastructure.This paper addresses this issue by presenting a novel worm susceptible-vaccinated-exposed-infectious-recovered model,named the SVEIR model.The SVEIR model extends the classical susceptible-exposed-infectious-recovered model(refer to SEIR model)through incorporating a saturated incidence rate and a partial immunization rate.The basic reproduction number in the SVEIR model is obtained.By virtue of the basic reproduction number,we prove the global stabilities of an infection-free equilibrium point and a unique endemic equilibrium point.Numerical methods are used to verify the proposed SVEIR model.Simulation results show that partial immunization is highly effective for eliminating worms,and the SVEIR model is viable for controlling and forecasting Internet worms.展开更多
基金supported by the Research Fund for the National Committee of China under Grant No. 05XN09
文摘Internet worm is harmful to network security,and it has become a research hotspot in recent years.A thorough survey on the propagation models and defense techniques of Internet worm is made in this paper.We first give its strict definition and discuss the working mechanism.We then analyze and compare some repre-sentative worm propagation models proposed in recent years,such as K-M model,two-factor model,worm-anti-worm model(WAW),firewall-based model,quarantine-based model and hybrid benign worm-based model,etc.Some typical defense techniques such as virtual honeypot,active worm prevention and agent-oriented worm defense,etc.,are also discussed.The future direction of the worm defense system is pointed out.
基金supported by the National Natural Science Foundation of China under Grant No. 60873075
文摘Greedy propagation policy for unstructured P2P worms employs the neighboring node list of each node in peer-to-peer (P2P) network to speed up the propagation of P2P worms. After describing the technique background of P2P worms, the algorithm of greedy propagation is addressed. Simulating design for this novel propagation policy is also described. Then, the effects of the greedy propagation policy on spreading speed, convergence speed, and attacking traffic in static P2P worms are simulated and discussed. The primary experimental results show that the greedy propagation is harmful and can bring severe damages to P2P network.
文摘The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security.In this paper,by analyzing the worm's propagation model,we propose a new worm warning system based on the method of system identification,and use recursive least squares algorithm to estimate the worm's infection rate.The simulation result shows the method we adopted is an efficient way to conduct Internet worm warning.
基金Project(61070194) supported by the National Natural Science Foundation of ChinaProject([2009]1886) supported by the Information Security Industrialization Fund from NDRC of China in 2009+1 种基金Project(CJ[2010]341) supported by the Major Achievements Transfer Projects of MOF and MIIT of China in 2010Project(2011FJ2003) supported by the Natural Science Foundation of Hunan Province, China
文摘The gradual hybrid anti-worm (GHAW) was presented. percentage of vulnerable hosts present in the network. For GHAW It changed its confrontation scheme in real time according to the its process of countering malicious internet worms was modeled. The performance of GHAW on two factors was also estimated: confronting validity against worms and consumption of network resources. Factors governing its performance, specifically the transformation threshold and the transformation rate, were analyzed. The simulation experiments show that GHAW has dynamical adaptability to changes of network conditions and offers the same level of effectiveness on confronting internet worms as the divide-and-rule hybrid anti-worm, with significantly less cost to network resources. The experiments also indicate that the transformation threshold is the key factor affecting the performance of GHAW.
基金This work is supported by the National Natural Science Foundation of China(Nos.61272541,61572170)Natural Science Foundation of Hebei Province of China(Nos.F2015205157,F2016205023)+1 种基金Natural Science Foundation of Hebei Normal University(No.L2015Z08)Educational Commission of Hebei Province of China(No.QN2014165).
文摘Internet worms can propagate across networks at terrifying speeds,reduce network security to a remarkable extent,and cause heavy economic losses.Thus,the rapid elimination of Internet worms using partial immunization becomes a significant matter for sustaining Internet infrastructure.This paper addresses this issue by presenting a novel worm susceptible-vaccinated-exposed-infectious-recovered model,named the SVEIR model.The SVEIR model extends the classical susceptible-exposed-infectious-recovered model(refer to SEIR model)through incorporating a saturated incidence rate and a partial immunization rate.The basic reproduction number in the SVEIR model is obtained.By virtue of the basic reproduction number,we prove the global stabilities of an infection-free equilibrium point and a unique endemic equilibrium point.Numerical methods are used to verify the proposed SVEIR model.Simulation results show that partial immunization is highly effective for eliminating worms,and the SVEIR model is viable for controlling and forecasting Internet worms.
