Abstract
The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m *, the identification threshold of the flow count m within φ, and H *, the identification probability for hosts with m = m *, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.
Chapter PDF
References
Yegneswaran, V., Barford, P., Ulleich, J.: Internet Intrusions: Global Characteristics and Prevalence. In: ACM SIGMETRICS 2003 (2003)
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer Worm. IEEE Security and Privacy (July/August 2003)
Bu, T., Chen, A., Wiel, S.V., Woo, T.: Design and Evaluation of a Fast and Robust Worm Detection Algorithm. In: IEEE INFOCOM 2006 (2006)
Zou, C.C., Gong, W., Towsley, D., Gao, L.: The Monitoring and Early Detection of Internet Worms. IEEE/ACM Trans. on Networking 13(5), 961–974 (2005)
Kamiyama, N., Mori, T., Kawahara, R.: Simple and Adaptive Identification of Superspreaders by Flow Sampling. In: INFOCOM 2007 Minisymposium (2007)
Kamiyama, N., Mori, T., Kawahara, R., Harada, S., Yoshino, H.: Extracting Worm-Infected Hosts Using White List. In: IEEE SAINT 2008(2008)
Bloom, B.H.: Space/Time Trade-offs in Hash Coding with Allowable Errors. Communications of the ACM 13(7) (1970)
Frei, S., May, M., Fiedler, U., Plattner, B.: Large-Scale Vulnerability Analysis. In: ACM LSAD 2006 (2006)
Liljenstam, M., Nicol, D., Berk, V., Gray, R.: Simulating Realistic Network Worm Traffic for Worm Warning System Design and Testing. In: ACM WORM 2003 (2003)
Daley, D.J., Gani, J.: Epidemic Modelling: An Introduction. Cambridge University Press, Cambridge (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kamiyama, N., Mori, T., Kawahara, R., Harada, S. (2008). Optimum Identification of Worm-Infected Hosts. In: Akar, N., Pioro, M., Skianis, C. (eds) IP Operations and Management. IPOM 2008. Lecture Notes in Computer Science, vol 5275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87357-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-87357-0_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87356-3
Online ISBN: 978-3-540-87357-0
eBook Packages: Computer ScienceComputer Science (R0)