« A behavioral approach to worm detection | Main | Slowing Down Internet Worms »
Modelling a Computer Worm Defense System
A thesis which examines the mechanisms of detecting and countering Internet worms. While a sizable read, it's full of good information and references, too.This thesis addresses the problem of computer worms in the modern Internet. A worm is a selfpropagating computer program that is being increasingly and widely used to attack the Internet. This thesis begins by providing a model of a simple worm and an extensive background about worms of the past, present and future. It develops a model of a computer worm and discusses in length the aspects involved in defending the Internet against a worm. It explores several techniques toward this end. It develops a life cycle model of worm defense, including prevention, prediction, detection and mitigation. It also discusses in detail about each of these techniques. It develops innovative models for each of these techniques and analyzes each one of them. Of primary interest are models that can automatically respond to a worm outbreak. Two such mitigating models, the `friends' model' and the `hierarchical model' have been developed and discussed in addition to a predicting model, `TrendCenter'. It discusses the results of real time experiments conducted on the campus gateway for the `TrendCenter' effort and the results of simulations of the mitigation models. It also discusses several preventive models that have been developed by the community. It concludes that worms are dangerous to the Internet but there are ways and means to mitigate their ill effectsSource: Modelling a Computer Worm Defense System, from a thesis by Senthilkumar G. Cheetancheri.
March 18, 2005 in papers | Permalink
Tell others: digg submit
|
del.icio.us this
|
Reddit
Comments
The comments to this entry are closed.
