On the effectiveness of internal patching against file-sharing worms

Liang Xie, Hui Song, Suncun Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

File-sharing worms have been terrorizing Peer-to-peer (P2P) systems in recent years. Existing defenses relying on users' individual recoveries or limiting users' file-sharing activities are ineffective. Automated patching tools such as Microsoft Windows Update and Symantec Security Update are currently the most popular vehicles for eliminating and containing Internet worms, but they are not necessarily the best fits for combating P2P file-sharing worms, which propagate within a relatively smaller community. In this paper, we propose a complementary P2P-tailored patching system which utilizes the existing file-sharing mechanisms to internally disseminate security patches to those participating peers in a timely and distributed fashion. Specifically, we examine the effectiveness of leveraging the file downloading or searching process to notify vulnerable end hosts of the surging worms and push corresponding security updates to these hosts. We show through in-depth analysis and extensive experiments that both methods are scalable and effective in combating existing P2P worms.

Original languageEnglish (US)
Title of host publicationApplied Cryptography and Network Security - 6th International Conference, ACNS 2008, Proceedings
Pages1-20
Number of pages20
DOIs
StatePublished - 2008
Event6th International Conference on Applied Cryptography and Network Security, ACNS 2008 - New York, NY, United States
Duration: Jun 3 2008Jun 6 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5037 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other6th International Conference on Applied Cryptography and Network Security, ACNS 2008
Country/TerritoryUnited States
CityNew York, NY
Period6/3/086/6/08

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'On the effectiveness of internal patching against file-sharing worms'. Together they form a unique fingerprint.

Cite this