Abstract | ||
---|---|---|
This work investigates three aspects: (a) a network vulnerability as the non-uniform vulnerable-host distribution, (b) threats, i.e., intelligent worms that exploit such a vulnerability, and (c) defense, i.e., challenges for fighting the threats. We first study five data sets and observe consistent clustered vulnerable-host distributions. We then present a new metric, referred to as the non-uniformity factor, which quantifies the unevenness of a vulnerable-host distribution. This metric is essentially the Renyi information entropy and better characterizes the non-uniformity of a distribution than the Shannon entropy. We then analytically and empirically measure the infection rate and the propagation speed of network-aware worms. We show that a representative network-aware worm can increase the spreading speed by exactly or nearly a non-uniformity factor when compared to a random-scanning worm at the early stage of worm propagation. This implies that when a worm exploits an uneven vulnerable-host distribution as a network-wide vulnerability, the Internet can be infected much more rapidly. Furthermore, we analyze the effectiveness of defense strategies on the spread of network-aware worms. Our results demonstrate that counteracting network-aware worms is a significant challenge for the strategies that include host-based defense and IPv6. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/INFCOM.2007.22 | INFOCOM 2007, VOLS 1-5 |
Keywords | Field | DocType |
entropy,shannon entropy,computer worms,intelligent networks,distributed computing,computer networks,internet,information entropy | IPv6,Computer science,Computer security,Network aware,Computer worm,Exploit,Intelligent Network,Entropy (information theory),Vulnerability,The Internet | Conference |
ISSN | Citations | PageRank |
0743-166X | 25 | 1.33 |
References | Authors | |
19 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zesheng Chen | 1 | 292 | 23.18 |
Chuanyi Ji | 2 | 812 | 124.04 |