Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Dynamic Control of Random Constant Spreading Worm using Depth Distribution Characteristics

  • No, Byung-Gyu (Korea Information Security Agency) ;
  • Park, Doo-Soon (Division of Computer Science and Engineering, SoonChunHyang University) ;
  • Hong, Min (Division of Computer Science and Engineering, SoonChunHyang University) ;
  • Lee, Hwa-Min (Division of Computer Science and Engineering, SoonChunHyang University) ;
  • Park, Yoon-Sok (Samsung Electro-Mechanics div.)
  • Published : 2009.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

Ever since the network-based malicious code commonly known as a 'worm' surfaced in the early part of the 1980's, its prevalence has grown more and more. The RCS (Random Constant Spreading) worm has become a dominant, malicious virus in recent computer networking circles. The worm retards the availability of an overall network by exhausting resources such as CPU capacity, network peripherals and transfer bandwidth, causing damage to an uninfected system as well as an infected system. The generation and spreading cycle of these worms progress rapidly. The existing studies to counter malicious code have studied the Microscopic Model for detecting worm generation based on some specific pattern or sign of attack, thus preventing its spread by countering the worm directly on detection. However, due to zero-day threat actualization, rapid spreading of the RCS worm and reduction of survival time, securing a security model to ensure the survivability of the network became an urgent problem that the existing solution-oriented security measures did not address. This paper analyzes the recently studied efficient dynamic network. Essentially, this paper suggests a model that dynamically controls the RCS worm using the characteristics of Power-Law and depth distribution of the delivery node, which is commonly seen in preferential growth networks. Moreover, we suggest a model that dynamically controls the spread of the worm using information about the depth distribution of delivery. We also verified via simulation that the load for each node was minimized at an optimal depth to effectively restrain the spread of the worm.

Keywords

References

  1. M.C. Motwani, M.C. Gadiya, R.C. Motwani, 'Survey of Image Denoising Techniques', Proceedings of GSPx, Santa Clara, CA., Sep., 2004
  2. Eeye Digital Security, 'Code Red Disassembly', http://www.eeye.com/html/advisories/codered.zip, 2001
  3. S. Staniford, V. Paxson, and N. Weaver, 'How to 0wn the Internet in Your Spare Time', Proc. of the 11th USENIX Security Symposium, pp.3-10, 2002
  4. D. Moore, C. Shannon, G. Voelker, S. Savage, 'Internet Quarantine: Requirements for Containing Self-Propagating Code', Proc. of the 2003 IEEE Infocom Conf., pp.3-5, Apr. 2003
  5. E. Rice, 'The Effect of Infection Time on Internet Worm Propagation', Math. Vol.164, Scientific Computing at Harvey Mudd College, pp.3-4, May, 2004
  6. R. Albert, H. Jeong, and A.-L. Barabasi, 'Mean-Field Theory for Scale-Free Random Networks', Physica A, pp.175-181, 1999
  7. R. Albert, H. Jeong, and A.-L. Barabasi, 'Error and Attack Tolerance of Complex Networks', Nature 406, pp.379-381, 2000 https://doi.org/10.1038/35019019
  8. P. Erdos and Renyi, 'On the evolution of random graphs', Publ., Math., Ins., Hung., Acad., Sci., Vol.5, pp.17-60, 1960
  9. D.J. Watts, S. H. Strogatz, 'Collective Dynamics of small-world networks', Nature 393, pp.440-441, 1998 https://doi.org/10.1038/30918
  10. http://labrea.sourceforge.net/labrea-info.html
  11. M. Williamson, 'Throttling Viruses: Restricting Propagation to Defeat Malicious Mobile Code', 18th Annual Computer Security Applications Conf., pp.6-7, Dec, 2002
  12. N. Weaver, I. Hamadeh, G. Kesidis, V. Paxson, 'Preliminary Results Using Scale Down to Explore Worm Dynamics', Proc. of the 2004 ACM workshop on Rapid Malcode, pp.3-6, Oct. 2004