Abstract
The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m *, the identification threshold of the flow count m within φ, and H *, the identification probability for hosts with m = m *, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Yegneswaran, V., Barford, P., Ulleich, J.: Internet Intrusions: Global Characteristics and Prevalence. In: ACM SIGMETRICS 2003 (2003)
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer Worm. IEEE Security and Privacy (July/August 2003)
Bu, T., Chen, A., Wiel, S.V., Woo, T.: Design and Evaluation of a Fast and Robust Worm Detection Algorithm. In: IEEE INFOCOM 2006 (2006)
Zou, C.C., Gong, W., Towsley, D., Gao, L.: The Monitoring and Early Detection of Internet Worms. IEEE/ACM Trans. on Networking 13(5), 961–974 (2005)
Kamiyama, N., Mori, T., Kawahara, R.: Simple and Adaptive Identification of Superspreaders by Flow Sampling. In: INFOCOM 2007 Minisymposium (2007)
Kamiyama, N., Mori, T., Kawahara, R., Harada, S., Yoshino, H.: Extracting Worm-Infected Hosts Using White List. In: IEEE SAINT 2008(2008)
Bloom, B.H.: Space/Time Trade-offs in Hash Coding with Allowable Errors. Communications of the ACM 13(7) (1970)
Frei, S., May, M., Fiedler, U., Plattner, B.: Large-Scale Vulnerability Analysis. In: ACM LSAD 2006 (2006)
Liljenstam, M., Nicol, D., Berk, V., Gray, R.: Simulating Realistic Network Worm Traffic for Worm Warning System Design and Testing. In: ACM WORM 2003 (2003)
Daley, D.J., Gani, J.: Epidemic Modelling: An Introduction. Cambridge University Press, Cambridge (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kamiyama, N., Mori, T., Kawahara, R., Harada, S. (2008). Optimum Identification of Worm-Infected Hosts. In: Akar, N., Pioro, M., Skianis, C. (eds) IP Operations and Management. IPOM 2008. Lecture Notes in Computer Science, vol 5275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87357-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-87357-0_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87356-3
Online ISBN: 978-3-540-87357-0
eBook Packages: Computer ScienceComputer Science (R0)