A Feasibility Study on Defending Against Ultra-Fast TopologicalWorms

Author

Xie, Liang ; Zhu, Sencun

Author_Institution

Penn State Univ., University Park

fYear

2007

Firstpage

61

Lastpage

70

Abstract

Self-propagating worms have been terrorizing the Internet for several years and they are becoming imminent threats to large-scale Peer-to-Peer (P2P) systems featuring rich host connectivity and popular data services. In this paper, we consider topological worms, which exploit P2P host vulnerabilities and topology information to spread in an ultra-fast way. We study the feasibility of leveraging the existing P2P overlay structure for distributing automated security patches to vulnerable machines. Two approaches are examined: a partition-based approach, which utilizes immunized hosts to proactively stop worm spread in the overlay graph, and a Connected Dominating Set(CDS)-based approach, which utilizes a group of dominating nodes in the overlay to achieve fast patch dissemination in a race with the worm. We demonstrate through analysis and simulations that both methods can result in effective worm containment.

Keywords

invasive software; peer-to-peer computing; telecommunication security; Internet; P2P host vulnerability; P2P overlay structure; automated security patch distribution; connected dominating set; data service; host connectivity; overlay graph; patch dissemination; peer-to-peer system; self-propagating worm; topology information; ultra fast topological worm; worm containment; Computer science; Computer worms; Data engineering; Data security; Immune system; Information security; Large-scale systems; Peer to peer computing; Topology; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Peer-to-Peer Computing, 2007. P2P 2007. Seventh IEEE International Conference on

Conference_Location

Galway

Print_ISBN

978-0-7695-2986-8

Type

conf

DOI

10.1109/P2P.2007.31

Filename

4343465