A virtualised network testbed for zero-day worm analysis and countermeasure testing

Shahzad, Khurram, Woodhead, Steve and Bakalis, Panos (2013) A virtualised network testbed for zero-day worm analysis and countermeasure testing. In: Advances in Security of Information and Communication Networks: First International Conference, SecNet 2013, Cairo, Egypt, September 3-5, 2013. Proceedings. Communications in Computer and Information Science (381). Springer Berlin Heidelberg, Berlin Heidelberg, Germany, pp. 54-64. ISBN 9783642405976 ISSN 1865-0929 (Print), 1865-0937 (Online) (doi:10.1007/978-3-642-40597-6_5)

Full text not available from this repository.

Abstract

Computer network worms are one of the most significant malware threats and have gained wide attention due to their increased virulence, speed and sophistication in successive Internet-wide outbreaks. In order to detect and defend against network worms, a safe and convenient environment is required to closely observe their infection and propagation behaviour. The same facility can also be employed in testing candidate worm countermeasures. This paper presents the design, implementation and commissioning of a novel virtualized malware testing environment, based on virtualization technologies provided by VMware and open source software. The novelty of this environment is its scalability of running virtualised hosts, high fidelity, confinement, realistic traffic generation, and efficient log file creation. This paper also presents the results of an experiment involving the launch of a Slammer-like worm on the testbed to show its propagation behaviour.

Item Type: Conference Proceedings
Title of Proceedings: Advances in Security of Information and Communication Networks: First International Conference, SecNet 2013, Cairo, Egypt, September 3-5, 2013. Proceedings
Additional Information: [1] This paper was first presented at the International Conference on Advances in Security of Information and Communication Networks, (SecNet 2013), held in Cairo, Egypt, from 3-5 September 2013. [2] ISSN: 978-3-642-40596-9 (Print); 978-3-642-40597-6 (Online).
Uncontrolled Keywords: worms, malware, slammer, testbed, virtualization, VMware
Subjects: G Geography. Anthropology. Recreation > GE Environmental Sciences
Pre-2014 Departments: School of Engineering
School of Engineering > Mobile & Wireless Communications Research Laboratory
Last Modified: 14 Oct 2016 09:25
Selected for GREAT 2016: None
Selected for GREAT 2017: None
Selected for GREAT 2018: None
URI: http://gala.gre.ac.uk/id/eprint/10624
