Title :
Simulation and Evaluation of a New Algorithm of Worm Detection and Containment
Author :
Yang, Xiong ; Lu, Jing ; Zhu, Yuguang ; Wang, Ping
Author_Institution :
Dept. of Comput. Sci. & Commun., Chang Zhou Inst. of Technol.
Abstract :
Internet worm attacks have become increasingly more frequent and have caused enormous damage to the Internet community during the past years. A new security service that monitors the ongoing worm activities on the Internet and restricts the worm spreading rate automatically will greatly contribute to the security management of modern enterprise networks. Based on the comparison and analysis of many worm detection and containment strategies, a new and effective algorithm of detecting and containing network worms is proposed in this paper. The principle of this effective algorithm is an improved two rotation process to detect and contain worms. The simulation result of the algorithm is demonstrated so effectively to detect and slow down the rapid scanning worm and "stealthy " worm whose propagation rate is slower than the former. In order to reduce the number of false positives, the impact of normal network activities is also concerned. Finally, the simulation also analyzes the performance of detecting worms of the algorithm under normal and congestive network background
Keywords :
Internet; invasive software; Internet worm; security management; worm containment; worm detection; Algorithm design and analysis; Computational modeling; Computer displays; Computer science; Computer simulation; Computer worms; Electronic mail; IP networks; Information security; Internet; Algorithm; Worm; Worm Containment; Worm detection;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2006. PDCAT '06. Seventh International Conference on
Conference_Location :
Taipei
Print_ISBN :
0-7695-2736-1
DOI :
10.1109/PDCAT.2006.103
