• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.1
• /
• pp.81-86
• /
• 2008

Fast spreading Internet worms, such as Code Red and Slammer, have become one of the new major throne of the Internet recently. In order to defend against theses worms, it is essential to understand how Internet worms propagate and how different Internet factors affect worm spreading. In this paper, we intend to describe the spread of worms on Internet environments accurately. Therefore we model and analyze the spreading effects by various simulations considering Internet addressing and speed. The results lead to a better prediction of the worm spreading on current and future Internet environments.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.12
• /
• pp.2858-2864
• /
• 2015

Internet worms have been the major Internet threats may disclose important information and can bring about faults of computer systems, which spread with the fastest speed among malicious codes. Simultaneously spreading multiple worms and its variants are revealing the limitation of conventional responses based on single worms. In order to defend them effectively, it is necessary to study how multiple worms propagate and what factors affect worm spreading. In this paper, we improve the existed single worm spreading models and try to describe the correct spreads of multiple worms. Thus we analyze the spreading effects of multiple worms and its variants by various experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.165-172
• /
• 2006

There are various threats as side effects against the growth of information technology, and malicious codes such as Internet worms may bring about confusions to upset a national backbone network. In this paper, we examine the existed spreading models and propose a new worm spreading model on Internet environment. We also predict and analyze the spreading effects of high-speed Internet worms. The proposed model leads to a better prediction of the worm spreading since various factors are considered.

• Journal of Information Processing Systems
• /
• v.5 no.1
• /
• pp.33-40
• /
• 2009

Ever since the network-based malicious code commonly known as a 'worm' surfaced in the early part of the 1980's, its prevalence has grown more and more. The RCS (Random Constant Spreading) worm has become a dominant, malicious virus in recent computer networking circles. The worm retards the availability of an overall network by exhausting resources such as CPU capacity, network peripherals and transfer bandwidth, causing damage to an uninfected system as well as an infected system. The generation and spreading cycle of these worms progress rapidly. The existing studies to counter malicious code have studied the Microscopic Model for detecting worm generation based on some specific pattern or sign of attack, thus preventing its spread by countering the worm directly on detection. However, due to zero-day threat actualization, rapid spreading of the RCS worm and reduction of survival time, securing a security model to ensure the survivability of the network became an urgent problem that the existing solution-oriented security measures did not address. This paper analyzes the recently studied efficient dynamic network. Essentially, this paper suggests a model that dynamically controls the RCS worm using the characteristics of Power-Law and depth distribution of the delivery node, which is commonly seen in preferential growth networks. Moreover, we suggest a model that dynamically controls the spread of the worm using information about the depth distribution of delivery. We also verified via simulation that the load for each node was minimized at an optimal depth to effectively restrain the spread of the worm.

• Journal of Korea Multimedia Society
• /
• v.9 no.3
• /
• pp.333-341
• /
• 2006

Recently, Random Constant worm is increasing The worm retards the availability of the overall network by exhausting resources such as CPU resource and network bandwidth, and damages to an uninfected system as well as an infected system. This paper analyzes the Power-Law network which possesses the preferential characteristics to restrain the worm from spreading. Moreover, this paper suggests the model which dynamically controls the spread of the worm using information about depth distribution of the delivery node which can be seen commonly in such network. It has also verified that the load for each node was minimized at the optimal depth to effectively restrain the spread of the worm by a simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.551-557
• /
• 2010

Fast spreading Internet worms will be sure to become one of the new major threats of convergence networks as well as the Internet. In order to defend and respond them, it is necessary to study how Internet worms propagate and what factors affect worm spreading. In this paper, we try to describe the correct spread of worms on convergence network environments. Therefore we propose a spreading model and analyze the spreading effects by various experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.43-53
• /
• 2007

Internet becomes more and more popular, and most companies and institutes use web services for e-business and many other purposes. With the explosion of Internet, the occurrence of cyber terrorism has grown very rapidly. Simulation is one of the most widely used method to study internet worms. But, it is quite challenging to simulate very large-scale worm attacks because of various reasons. In this paper, we propose a hybrid modeling method for RCS(Random Constant Spreading) worm simulation. The proposed hybrid model simulates worm attacks by synchronizing modeling network and packet network. So, this model will be both detailed enough to generate realistic packet traffic, and efficient enough to model a worm spreading through the Internet. Moreover, our model have the capability of dynamic updates of the modeling parameters. Finally, we simulate the hybrid model with the CodeRed worm to show validity of our proposed model for RCS worm simulation.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.839-846
• /
• 2005

Recently broadband convergence network technology is emerging as an integrated network of telecommunication, broadcasting and Internet. But there are various threats as side effects against the growth of information technology, and malicious codes such af Internet worms may bring about confusions to upset a national backbone network. In this paper, we survey the traditional spreading models and propose a new worm spreading model on Internet environment. We also analyze the spreading effects due to tile spread period and the response period of Internet worms. The proposed model leads to a better prediction of the scale and speed of worm spreading. It can be applied to high-speed network such as broadband convergence network.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.5
• /
• pp.1154-1159
• /
• 2013

Now we are facing various threats as side effects against the growth of smartphone markets. Malicious codes such as mobile worms may bring about disclosures of personal information and confusions to upset a national wireless backbone. In this paper, we examine the existed spreading models and try to describe the correct spread of mobile worms on smartphones. We also analyze the spreading effects, and simulate bluetooth, MMS and Wi-Fi worms by various experiments.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.333-337
• /
• 2004

The Internet worm is changed rapidly and virus vaccine can not defense the whole Internet worm. To prevent them form spreading into network and analysis specifications, we design and implement the Internet Worm Traffic Generator. In this research, we offer the real worm propagation environment through protocol and scenario specification.