Research on Early Warning for Worm Propagation Based on Area-Alert-Level

被引:0
作者
Zhu Li-na [1 ,2 ]
Sun Chao-yi [2 ]
Feng Li [2 ]
机构
[1] Harbin Engn Univ, Sch Comp Sci & Technol, Harbin, Peoples R China
[2] Wuhan Digital Engn Inst, Wuhan, Peoples R China
来源
FIFTH INTERNATIONAL CONFERENCE ON INFORMATION ASSURANCE AND SECURITY, VOL 2, PROCEEDINGS | 2009年
关键词
early warning; worm propagation; area-infected-time; area-infected-probability; area-alert-level;
D O I
10.1109/IAS.2009.137
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Predicting or discovering the possible propagation direction of spreading network worms can efficiently benefit the enforcement of network security countermeasures like blocking them in real-time way. Most worms exhaust all of the network bandwidth maliciously in very short time. This paper proposed a model on predicting the propagation direction between areas based on two key indexes including Area-Infected-Time (AIT) and Area-Infected-Probability (AIP), and calculates alert level for each area by fuzzy reasoning. The higher alert level is, the more likely that the corresponding area is infected by worm in short time, and this area is the propagation direction of worm at the moment. Simulation experimental results show that the early warning model proposed in this paper can deduce Area-Alert-Level (AAL) correctly and predict the propagation direction of network worm dynamically.
引用
收藏
页码:163 / +
页数:2
相关论文
共 8 条
[1]  
CHEN Z, 1990, P IEEE INFOCOM 2003, P1890
[2]  
FRAUENTHAL JC, 1980, MATH MODELING EPIDEM
[3]  
Li S. Y., 2002, FUZZY CONTROL NEUROC
[4]   Modeling and automated containment of worms [J].
Sellke, S ;
Shroff, NB ;
Bagchi, S .
2005 INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS, PROCEEDINGS, 2005, :528-537
[5]  
SERAZZI G, 2003, P 11 IEEE ACM S MOD, P26
[6]  
Streftaris G., 2002, P INT WORKSHOP STAT, P609
[7]  
[王智 Wang Zhi], 2003, [气象学报, Acta Meteorologica Sinica], V61, P66
[8]  
Zou Cliff Changchun, 2002, Proceedings of the 9th ACM conference on Computer and communications security, P138, DOI DOI 10.1145/586110.586130