Abstract | ||
---|---|---|
In this paper, we address issues related to defending against wide- spreading worms on the Internet. We study a new class of worms called the self- adaptive worms. These worms dynamically adapt their propagation patterns to defensive countermeasures, in order to avoid or postpone detection, and to even- tually infect more computers. We show that existing worm detection schemes cannot effectively defend against these self-adaptive wor ms. To counteract these worms, we introduce a game-theoretic formulation to model the interaction be- tween worm propagator and defender. We show that the effective integration of multiple defensive schemes (e.g., worm detection, forensics analysis) is critical for defending against self-adaptive worms. We propose different combinations of defensive schemes for different kinds of self-adaptive worms, and evaluate the performance of defensive schemes based on real-world traffi c traces. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1007/978-3-540-49823-0_38 | Self-Stabilizing Systems |
Keywords | Field | DocType |
worm propagator,selfadaptive worm,worm,self-adaptive worm,defensive scheme,multiple defensive scheme,worm detection scheme,widespreading worm,worm detection,defensive countermeasures,different combination,game theory | Countermeasure,Computer security,Computer science,Electronic countermeasure,Self adaptive,The Internet | Conference |
Volume | ISSN | Citations |
4280 | 0302-9743 | 0 |
PageRank | References | Authors |
0.34 | 6 | 3 |