A large-scale zero-day worm simulator for cyber-epidemiological analysis
Tidy, Luc, Woodhead, Steve and Wetherall, Jodie ORCID: https://orcid.org/0000-0002-4786-5824 (2013) A large-scale zero-day worm simulator for cyber-epidemiological analysis. International Journal Of Advances In Computer Networks And Its Security, 3 (1). pp. 69-73. ISSN 2250 - 3757
Preview |
PDF
12031_TIDY_WOODHEAD_WETHERALL_(2013).pdf - Published Version Available under License Creative Commons Attribution Non-commercial No Derivatives. Download (829kB) |
Abstract
The cost of a single zero-day network worm outbreak has been estimated at US$2.6 billion. Additionally zero-day worm outbreaks have been observed to spread at a significant
pace across the global Internet, with an observed infection
proportion of more than 90 percent of vulnerable hosts within 10 minutes. The threat posed by such fast-spreading malware is therefore significant, particularly given the fact that network operator / administrator intervention is not likely to take effect within the typical epidemiological timescale of such infections. An accepted tool that is used in researching the threat presented by zero-day worms is the use of simulation systems. However when considering zero-day worm outbreaks on the Internet there are persistent issues of scale and fidelity. The
Internet Worm Simulator (IWS) reported in this paper is designed to address these issues by presenting a novel simulation method that, on a single workstation, can simulate an entire IPv4 address space on a node-by-node basis. Being able to simulate such a large-scale network enables the further analysis of characteristics identified from worm analysis. As IWS does not rely on mathematical approximation, the epidemiological attributes identified from real-world data can be tested for zero-day worm outbreaks on the Internet. Experimentation indicates that IWS is able to accurately simulate and corroborate with reported characteristics of two previous zero-day worm outbreaks. It is intended that, in future, IWS may be used to aid both in the analysis of previous worm outbreaks and the testing of hypothetical zero-day worm outbreak scenarios.
Item Type: | Article |
---|---|
Additional Information: | [1] International Journal of Advances in Computer Networks and Its Security, an international peer-reviewed, open access journal, aims to publish original research articles and review articles across diverse fields of Computer Networks and Its Security. All the papers published in IJCNS will be archived in SEEK Digital Library. Paper for publication are selected through rigorous peer review process to ensure originality, timeliness, relevance and readability. All published papers are also available freely with online full-text content and permanent wordwide weblink. |
Uncontrolled Keywords: | cyber defence, malware, network worm, simulation, zero-day worm |
Subjects: | Q Science > Q Science (General) T Technology > TA Engineering (General). Civil engineering (General) |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science |
Related URLs: | |
Last Modified: | 15 Oct 2016 15:09 |
URI: | http://gala.gre.ac.uk/id/eprint/12031 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year