TY - GEN
T1 - Self-adaptive worms and countermeasures
AU - Yu, Wei
AU - Zhang, Nan
AU - Zhao, Wei
PY - 2006
Y1 - 2006
N2 - In this paper, we address issues related to defending against wide-spreading worms on the Internet. We study a new class of worms called the self-adaptive worms. These worms dynamically adapt their propagation patterns to defensive countermeasures, in order to avoid or postpone detection, and to eventually infect more computers. We show that existing worm detection schemes cannot effectively defend against these self-adaptive worms. To counteract these worms, we introduce a game-theoretic formulation to model the interaction between worm propagator and defender. We show that the effective integration of multiple defensive schemes (e.g., worm detection, forensics analysis) is critical for defending against self-adaptive worms. We propose different combinations of defensive schemes for different kinds of self-adaptive worms, and evaluate the performance of defensive schemes based on real-world traffic traces.
AB - In this paper, we address issues related to defending against wide-spreading worms on the Internet. We study a new class of worms called the self-adaptive worms. These worms dynamically adapt their propagation patterns to defensive countermeasures, in order to avoid or postpone detection, and to eventually infect more computers. We show that existing worm detection schemes cannot effectively defend against these self-adaptive worms. To counteract these worms, we introduce a game-theoretic formulation to model the interaction between worm propagator and defender. We show that the effective integration of multiple defensive schemes (e.g., worm detection, forensics analysis) is critical for defending against self-adaptive worms. We propose different combinations of defensive schemes for different kinds of self-adaptive worms, and evaluate the performance of defensive schemes based on real-world traffic traces.
UR - http://www.scopus.com/inward/record.url?scp=33845515339&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33845515339&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-49823-0_38
DO - 10.1007/978-3-540-49823-0_38
M3 - Conference contribution
AN - SCOPUS:33845515339
SN - 3540490183
SN - 9783540490180
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 548
EP - 562
BT - Stabilization, Safety, and Security of Distributed Systems - 8th International Symposium, SSS 2006. Proceedings
PB - Springer Verlag
T2 - 8th International Symposium on Self-Stabilizing Systems, SSS 2006
Y2 - 17 November 2006 through 19 November 2006
ER -