TY - GEN
T1 - On the effectiveness of internal patching against file-sharing worms
AU - Xie, Liang
AU - Song, Hui
AU - Zhu, Suncun
PY - 2008
Y1 - 2008
N2 - File-sharing worms have been terrorizing Peer-to-peer (P2P) systems in recent years. Existing defenses relying on users' individual recoveries or limiting users' file-sharing activities are ineffective. Automated patching tools such as Microsoft Windows Update and Symantec Security Update are currently the most popular vehicles for eliminating and containing Internet worms, but they are not necessarily the best fits for combating P2P file-sharing worms, which propagate within a relatively smaller community. In this paper, we propose a complementary P2P-tailored patching system which utilizes the existing file-sharing mechanisms to internally disseminate security patches to those participating peers in a timely and distributed fashion. Specifically, we examine the effectiveness of leveraging the file downloading or searching process to notify vulnerable end hosts of the surging worms and push corresponding security updates to these hosts. We show through in-depth analysis and extensive experiments that both methods are scalable and effective in combating existing P2P worms.
AB - File-sharing worms have been terrorizing Peer-to-peer (P2P) systems in recent years. Existing defenses relying on users' individual recoveries or limiting users' file-sharing activities are ineffective. Automated patching tools such as Microsoft Windows Update and Symantec Security Update are currently the most popular vehicles for eliminating and containing Internet worms, but they are not necessarily the best fits for combating P2P file-sharing worms, which propagate within a relatively smaller community. In this paper, we propose a complementary P2P-tailored patching system which utilizes the existing file-sharing mechanisms to internally disseminate security patches to those participating peers in a timely and distributed fashion. Specifically, we examine the effectiveness of leveraging the file downloading or searching process to notify vulnerable end hosts of the surging worms and push corresponding security updates to these hosts. We show through in-depth analysis and extensive experiments that both methods are scalable and effective in combating existing P2P worms.
UR - http://www.scopus.com/inward/record.url?scp=45749087764&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=45749087764&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-68914-0_1
DO - 10.1007/978-3-540-68914-0_1
M3 - Conference contribution
AN - SCOPUS:45749087764
SN - 3540689133
SN - 9783540689133
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 1
EP - 20
BT - Applied Cryptography and Network Security - 6th International Conference, ACNS 2008, Proceedings
T2 - 6th International Conference on Applied Cryptography and Network Security, ACNS 2008
Y2 - 3 June 2008 through 6 June 2008
ER -