Telecommunications & Information Technology Institute
And
Electrical & Computer Engineering Department
College of Engineering, Florida International University

Invited Talk Series Presents

Modeling Internet Worm Attacks

By Dr. Zesheng Chen
Georgia Institute of Technology

On Wednesday, May 23, 2007; 10:30AM
EC 3753, 10555 West Flagler Street

Abstract:

As computer and communication networks become prevalent, the Internet has been a battlefield for attackers and defenders. One of the most powerful weapons for attackers is the Internet worm. Specifically, a worm attacks vulnerable computer systems and employs self-propagating methods to flood the Internet rapidly. As a result, worms, such as Code Red, Slammer, and Witty, have infected hundreds of thousands of hosts and become a significant threat to network security and management. The objective of my research is to characterize the spread of worms, analyze Internet vulnerabilities, and develop effective countermeasures.

First, a discrete-time mathematical model, called the analytical active worm propagation (AAWP) model, is presented to capture the spreading dynamics of random-scanning worms. The AAWP model provides a tool for characterizing the propagation of worms using different scanning methods and for evaluating the performance of worm detection and defense systems.

Second, vulnerable hosts are observed to be highly unevenly distributed in the Internet, which leads to an optimal worm scanning method called importance scanning. Such a new method is developed from and named after importance sampling in statistics and enables a worm to spread much faster than both random and routable scanning. The information of vulnerable-host distributions, however, may not be known before a worm is released. To overcome this, a self-learning worm is designed that can accurately estimate the underlying vulnerable-host distribution while propagating.

Finally, a new metric, referred to as the non-uniformity factor, is presented to quantify both the unevenness of a vulnerable-host distribution and the spreading ability of network-aware worms. This metric is essentially the Renyi information entropy. Network-aware worms are shown to be able to increase the spreading speed at the early stage with a rate of nearly the non-uniformity factor. To fight against network-aware worms, defenders should scatter applications uniformly in the entire IP-address space from the viewpoint of game theory.

For more information, please contact Dr. Kia Makki at 305-348-3738.