Abstract
Passive worms can passively propagate through embedding themselves into some sharing files, which can result in significant damage to unstructured P2P networks. To study the passive worm behaviors, this paper firstly analyzes and obtains the average delay for all peers in the whole transmitting process due to the limitation of network throughput, and then proposes a mathematical model for the propagation of passive worms over the unstructured P2P networks. The model mainly takes the effect of the network throughput into account, and applies a new healthy files dissemination-based defense strategy according to the file popularity which follows the Zipf distribution. The simulation results show that the propagation of passive worms is mainly governed by the number of hops, initially infected files and uninfected files. The larger the number of hops, the more rapidly the passive worms propagate. If the number of the initially infected files is increased by the attackers, the propagation speed of passive worms increases obviously. A larger size of the uninfected file results in a better attack performance. However, the number of files generated by passive worms is not an important factor governing the propagation of passive worms. The effectiveness of healthy files dissemination strategy is verified. This model can provide a guideline in the control of unstructured P2P networks as well as passive worm defense.
Similar content being viewed by others
References
Nassima K, Yannick C, Nazim A. The emerging threat of peer-to-peer worms [C]. In: IEEE / IST Workshop on Monitoring, Attack Detection and Mitigation. IEEE Press, Tuebingen, Germany, 2006. 18–20.
Yu W, Corey B, Sriram C et al. Peer-to-peer system-based active worm attacks: Modeling and analysis [C]. In: Proceedings of IEEE International Conference on Communications. IEEE Press, Seoul, Korea, 2005. 295–299.
Zesheng C, Lixin G, Kwiat K. Modeling the spread of active worms[C]. In: Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies. IEEE Press, Francisco, USA, 2003. 1890–1900.
Zhou L, Zhang L, Mcsherry F et al. A first look at peerto-peer worms: Threats and defenses [C]. In: Proceedings of the 4th International Workshop on Peer-to-Peer Systems. ACM Press, Ithaca, NY, 2005. 24–35.
Guanling C, Robert S G. Simulating non-scanning worms on peer-to-peer networks [C]. In: Proceedings of the 1st International Conference on Scalable Information Systems. ACM Press, Hong Kong, China, 2006. 29–42.
Thommes R, Coates M. Epidemiological modeling of peer-to-peer viruses and pollution[C]. In: The 25th Annual IEEE Conference on Computer Communications. IEEE Press, Barcelona, Spain, 2006. 15–26.
Krishna R, Biplab S. Modeling malware propagation in Gnutella type peer-to-peer networks [C]. In: Proceedings of the Third International Workshop on Hot Topics in Peerto-Peer Systems (Hot-P2P). ACM Press, Rhodes Island, Greece, 2006. 8–15.
Richard W T, Mark J C. Modeling virus propagation in peer-to-peer networks [C]. In: IEEE International Conference on Information, Communications & Signal Processing. IEEE Press, Bangkok, Thailand, 2005. 981–985.
Shakkottai S, Srikant R. Peer to peer networks for defense against Internet worms [C]. In: Proceedings from the 2006 Workshop on Interdisciplinary Systems Approach in Performance Evaluation and Design of Computer & Communications Systems (INTERPERF’06). ACM Press, Pisa, Italy, 2006. 34–44.
Andrew K, Abhinav A, Minaxi G. A study of malware in peer-to-peer networks [C]. In: Proceedings of the 6th ACM SIGCOMM on Internet Measurement. ACM Press, Janeriro, Brazil, 2006. 327–332.
Jacky C, Kevin L, Brian N L. Availability and popularity measurements of peer-to-peer file systems [EB/OL]. http://signl.cs.umass.edu/pubs/, 2007-05-16.
Stefan Saroiu, Krishna P G, Steven D G. A measurement study of peer-to-peer files sharing systems [C]. In: Proceedings of Multimedia Computing and Networking 2002 (MMCN’02). ACM Press, San Jose, CA, 2002. 361–382.
Krishna P G, Richard J D, Stefan Saroiu et al. Measurement, modeling, and analysis of a peer-to-peer file-sharing workload [C]. In: Proceedings of the 19th ACM Symposium on Operating System Principles (SOSP 2003). ACM Press, Bolton Landing, NY, 2003. 314–329.
Matthew M W. Throttling viruses: Restricting propagation to defeat malicious mobile code [C]. In: Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC). IEEE Press, Nevada, USA, 2002. 61–68.
Newman M E J, Strogatz S H, Watts D J. Random graphs with arbitrary degree distribution and their applications [J]. Physical Review E, 2001, 64(2): 1–18.
Stutzbach D, Rejaie R, Sen S. Characterizing unstructured overlay topologies in modern P2P file-sharing systems [C]. In: Proceedings of the Fifth ACM Internet Measurement Conference. ACM Press, Berkeley, CA, 2005. 49–62.
Holme P, Kim B J. Growing scale-free networks with tunable clustering [J]. Physical Review E (Statistical Nonlinear, and Soft Matter Physics), 2002, 65(2): 1–4.
Barabasi A L, Albert R. Emergence of scaling in random networks [J]. Science, 1999, 286(5439): 509–512.
Author information
Authors and Affiliations
Corresponding author
Additional information
Supported by National Natural Science Foundation of China (No.60633020 and No. 90204012) and Natural Science Foundation of Hebei Province (No. F2006000177).
WANG Fangwei, born in 1976, male, doctorate student.
Rights and permissions
About this article
Cite this article
Wang, F., Zhang, Y. & Ma, J. Modeling and defending passive worms over unstructured peer-to-peer networks?. Trans. Tianjin Univ. 14, 66–072 (2008). https://doi.org/10.1007/s12209-008-0013-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12209-008-0013-y