emailWorm-ICCCN04 - EmailWormModeling andDefense

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Email Worm Modeling  and Defense Cliff C. Zou,     Don Towsley,     Weibo Gong Univ. Massachusetts, Amherst
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Internet Worm Introduction Scan-based worms: Example:  Code Red, Slammer,  Blaster, Sasser, … No human interaction Fast (automatic defense) Need vulnerability Fewer incidents Network-based blocking Modeling: no (week)  topological issue Epidemic models Email worms: Example:  Melissa, Love letter,  Sircam, SoBig, MyDoom,  … Human activation Slower   Need no vulnerability More incidents Defense on email servers Modeling:  email address  logical topology No math model yet Nimda:  mixed infection MyDoom:  search engine
Background image of page 2
3 Email Topology —  Heavy-tailed Distributed Email topology degree distr.           Size distr. of email address books Popular email list: one list address corresponds to many. Email worms find all addresses on compromised computers. Email address books, Web cache, text documents, etc. We study email propagation on power law topologies. Generators available ; best candidate to represent heavy-tailed topology. 1 10 100 1,000 10,000 100,000 1,000,000 0.000001 0.00001 0.0001 0.001 0.01 0.1 0 Yahoo Group Random graph Complementary cumulative  distribution  (May 2002: > 800,000 Yahoo groups)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Email   Worm Simulation Model Discrete time simulation Topology: undirected graph Power law, small world, random graph Modeling behavior of individual user  Worm email attachment opening prob. 
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 08/25/2011 for the course EEL 5937 taught by Professor Staff during the Spring '08 term at University of Central Florida.

Page1 / 14

emailWorm-ICCCN04 - EmailWormModeling andDefense

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online