In this paper, we formulate an analytical model to characterize the spread of malware in decentralized, Gnutella-type peer-to-peer (P2P) networks and study the dynamics associated with the spread of malware. Using a compartmental model, we derive the system parameters or network conditions under which the P2P network may reach a malware-free equilibrium. The model also evaluates the effect of control strategies like node quarantine on stifling the spread of malware. The model is then extended to consider the impact of P2P networks on the malware spread in networks of smart cell phones.
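The threshold behaviour described above can be seen in a small compartmental simulation. This is an added example, not the paper's model: the S-I-Q-R compartments with peer churn, the rate names (`beta`, `gamma`, `q`, `delta`, `mu`) and all parameter values are assumptions chosen for illustration.

```python
# Added illustration: a generic S-I-Q-R model with peer churn. The compartments,
# rates and parameter values are assumptions, not the paper's own model.

def r0(beta, gamma, q, mu):
    """Basic reproduction number: infections caused by one infected peer in a
    fully susceptible network before it is cleaned, quarantined or leaves."""
    return beta / (gamma + q + mu)

def min_quarantine_rate(beta, gamma, mu):
    """Smallest quarantine rate q giving R0 <= 1 (stable malware-free equilibrium)."""
    return max(0.0, beta - gamma - mu)

def endemic_infected(beta, gamma, q, mu):
    """Infected fraction at the endemic equilibrium (0 when R0 <= 1)."""
    R = r0(beta, gamma, q, mu)
    return 0.0 if R <= 1 else mu * (1 - 1 / R) / (gamma + q + mu)

def simulate(beta, gamma, q, delta, mu, i0=0.01, t_end=1000.0, dt=0.05):
    """Forward-Euler integration of population fractions; returns final (S, I, Q, R).
    beta: infection, gamma: cleanup, q: quarantine, delta: release from
    quarantine as cleaned, mu: churn (peers leave and new ones join susceptible)."""
    s, i, qn, r = 1.0 - i0, i0, 0.0, 0.0
    for _ in range(int(t_end / dt)):
        new_inf = beta * s * i
        ds = mu - new_inf - mu * s
        di = new_inf - (gamma + q + mu) * i
        dq = q * i - (delta + mu) * qn
        dr = gamma * i + delta * qn - mu * r
        s, i, qn, r = s + dt * ds, i + dt * di, qn + dt * dq, r + dt * dr
    return s, i, qn, r

if __name__ == "__main__":
    p = dict(beta=0.5, gamma=0.1, mu=0.05)  # constructed sample rates
    print("quarantine rate needed:", min_quarantine_rate(**p))
    for q in (0.0, 0.5):
        _, i_end, _, _ = simulate(q=q, delta=0.2, **p)
        print(f"q={q}: R0={r0(q=q, **p):.2f}, infected fraction at end={i_end:.4f}")
```

With these constructed rates, the network settles at a persistent infected fraction when there is no quarantine, and returns to the malware-free state once the quarantine rate pushes R0 below 1.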
The previous simulation model uses a combination of the deterministic epidemic model and a general stochastic epidemic model to model the effect of large-scale worm attacks. In the existing system, the complexity of the general stochastic epidemic model makes it difficult to derive insightful results that could be used to contain the worm.
A previous study detects the presence of a worm by tracking the trend, not the rate, of the observed illegitimate scan traffic. A filter is used to separate worm traffic from background non-worm scan traffic.
This model leads to the development of an automatic worm containment strategy that prevents the spread of a worm beyond its early stage. We obtain the probability that the total number of hosts that the worm infects is below a certain level. Our strategy can effectively contain both fast-scan worms and slow-scan worms without knowing the worm signature in advance or needing to explicitly detect the worm. Our automatic worm containment schemes effectively contain worms and stop them from spreading.
- User Interface Design
- Worm Propagation Model
- Scanning for worms
- Detecting and categorizing worms
- Containment of worms