International Conference on Advanced Computing, Communication and Networks - CCN 2011
Author(s) : C.SHOBA BINDU, P.DORAVELU REDDY
Self-duplicating, self-propagating malicious codes known as computer worms spread themselves without any human interaction and launch the most destructive attacks against computer networks. In this paper, we have successfully detected the worm propagation characteristics of different and using permutation scanning to find the worms using branch process model to provide total number of scan that ensure the worm will eventually die out. Our strategy can effectively contain both fast scan worms and slow scan worms without knowing the worm signature in advance or needing to explicitly detect the worm. We would like to propose a statistical model for the spread of topology-aware worms and subsequently design mechanisms for automatic containment of such worms. We would also like to characterize the deviation of our proposed branching process model from the ideal sophistication epidemic model, assuming that the values of its rich set of parameters were available. Finally, we would like to port our worm containment schemes to edge routers and local routers and to evaluate the performance using real data from enterprise networks.