Title :
On the functional validity of the worm-killing worm
Author :
Kim, Hyogon ; Kang, Inhye
Author_Institution :
Korea Univ., South Korea
Abstract :
The notion of worm-killing worm has been in the folklore for some time. However the obvious fear of the killer worm itself being compromised, or of any self-propagating code set loose (possibly over administrative boundaries), has barred serious exploration on the practical aspects of the idea. In this paper, we suspend such concerns momentarily, and investigate its functional validity. This effort is motivated by recent fast worm epidemics exemplified by that of SQL slammer, which was overwhelmingly faster than traditional human-intervened response. Specifically, this paper evaluates the killer worm in terms of the prevention effect and the incurred traffic cost. Above and beyond, we consider supplementary techniques that could boost the performance and mitigate the harmful side-effects of the worm-killing worm.
Keywords :
Internet; SQL; invasive software; telecommunication security; telecommunication traffic; SQL slammer; bandwidth usage; denial of service attack; functional validity; mobile nodes; rumor-mongering model; traffic generation; worm epidemic; worm prevention; worm-killing worm; Bandwidth; Computational modeling; Computer worms; Costs; Counting circuits; Equations; Ethics; Internet; Web server;
Conference_Titel :
Communications, 2004 IEEE International Conference on
Print_ISBN :
0-7803-8533-0
DOI :
10.1109/ICC.2004.1312851
