A Study on Prediction of Mass SQL Injection Worm Propagation Using The Markov Chain

마코브 체인을 이용한 Mass SQL Injection 웜 확산 예측에 관한 연구

  • 박원형 (경기대학교 정보보호학과) ;
  • 김영진 (고려대학교 정보경영공학전문대학원) ;
  • 이동휘 (경기대학교 정보보호학과) ;
  • 김귀남 (경기대학교 정보보호학과)
  • Published : 2008.12.20

Abstract

Recently, Worm epidemic models have been developed in response to the cyber threats posed by worms in order to analyze their propagation and predict their spread. Some of the most important ones involve mathematical model techniques such as Epidemic(SI), KM (Kermack-MeKendrick), Two-Factor and AAWP(Analytical Active Worm Propagation). However, most models have several inherent limitations. For instance, they target worms that employ random scanning in the network such as CodeRed worm and it was able to be applied to the specified threats. Therefore, we propose the probabilistic of worm propagation based on the Markov Chain, which can be applied to cyber threats such as Mass SQL Injection worm. Using the proposed method in this paper, we can predict the occurrence probability and occurrence frequency for each threats in the entire system.