Simulation of zero-day worm epidemiology in the dynamic, heterogeneous Internet
Tidy, Luc Jon, Woodhead, Steve and Wetherall, Jodie ORCID: https://orcid.org/0000-0002-4786-5824 (2013) Simulation of zero-day worm epidemiology in the dynamic, heterogeneous Internet. The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology, 12 (2). pp. 123-138. ISSN 1548-5129 (Print), 1557-380X (Online) (doi:10.1177/1548512913507153)
Full text not available from this repository.

Abstract
The cost of a single zero-day network worm outbreak on the global Internet has been estimated at US$2.6 billion. In addition, zero-day network worm outbreaks have been observed that spread at a significant pace across the Internet, with an observed infection proportion of more than 90% of vulnerable hosts within 10 minutes. The threat posed by such fast-spreading malware to defence systems and national security is therefore significant, particularly given the fact that network operator/administrator intervention is not likely to take effect within the typical epidemiological timescale of such infections.
An accepted technology that is used to research the security threat presented by zero-day worms is that of simulation systems; however, only a subset of these focus on the Internet and issues persist regarding how representative these are of the Internet. The design of a novel simulator developed to address these issues, the Internet Worm Simulator (IWS), is presented along with experimental results for a selection of previous worm outbreaks compared against observed, empirical data and hypothetical outbreak scenarios. Based on a finite state machine for each network host, the IWS incorporates the dynamic, heterogeneous characteristics of the Internet and, on a single workstation, is able to simulate an IPv4-sized network.
Based on the analysis presented, the authors conclude that the IWS has the capability to simulate zero-day worm epidemiology on the dynamic, heterogeneous Internet for a variety of scenarios. These include simulating previous worm outbreaks that demonstrate random-scanning and hit list behaviour, as well as hypothetical scenarios that include a large susceptible populace and stealth-like behaviour.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | cyber defence, malware, network worm, simulation, zero-day worm |
| Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering |
| Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science; Faculty of Engineering & Science > School of Engineering (ENG) |
| Last Modified: | 19 Sep 2019 15:37 |
| URI: | http://gala.gre.ac.uk/id/eprint/10595 |