We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Propagation of active worms: A survey.
- Authors
Yang Xiang; Xiang Fan; Wen Tao Zhu
- Abstract
This paper serves worm defenders' objective to improve their immunity to future active worms by giving them a deep insight into propagation characteristics of active worms from a worm authors' perspective. Active worms self-propagate across networks by employing scanning, pre-generated target list, or internally generated target lists as their target discovery technique. We find target acquisition and network reconnaissance actions (luring the network propagation phase in a worm's life cycle basically embody its target discovery technique. We derive the significance of target discovery techniques in shaping a worm's propagation characteristics from the life cycles of worms. A variety of target discovery techniques employed by active worms are discussed and compared. We find hitting probability (the probability of hitting a vulnerable or infected host) is the most frequently improved factor by attackers to increase a worm's propagation speed. We anticipate future active worms would employ a combination of target discovery techniques to greatly accelerate their propagation. Various deterministic and stochastic models of active worms are presented and compared. Their accuracy of and applicability to modelling the propagation of active worms under different conditions are discussed. A discussion of opportunities, challenges and solutions from a worm defenders' perspective is presented in this survey paper. We also propose a new defence system called Distributed Active Defence System (DADS) to effectively defend against worms. This new system follows an active surveillance-trace-control cycle, which could be the emerging solution to the active worm problem.
- Subjects
COMPUTER worms; COMPUTER security; CYBERTERRORISM; PROBABILITY theory; COMPUTER software
- Publication
Computer Systems Science & Engineering, 2009, Vol 24, Issue 3, p157
- ISSN
0267-6192
- Publication type
Article