Dynamics of Malicious Software in the Internet

Post on 08-Jan-2016

39 views 3 download

Preview:

Click to see full reader

Tags:

Report this document
SHARE

description

Tatehiro Kaiwa, University of Aizu. E-mail:m5081224@u-aizu.ac.jp. Dynamics of Malicious Software in the Internet. 1. Outline. Random Network and Scale-free Network Observed Arrivals of E-mail Simulation Model of Worm Spread Dynamics Local Network Structure Inference - PowerPoint PPT Presentation

Transcript of Dynamics of Malicious Software in the Internet

Dynamics of Malicious Software

in the InternetTatehiro Kaiwa,

University of Aizu.

E-mail:m5081224@u-aizu.ac.jp

1

Outline●Random Network and Scale-free Network

●Observed Arrivals of E-mail

●Simulation Model of Worm Spread Dynamics

●Local Network Structure Inference

●Mathematical Model of Outbreak

●Hub Defense Strategy

●Conclusion

2

Two Model of Network● Model of Network

– Random Network Degree Distribution: bell curve– Scale-free Network Degree Distribution: power-law

3

Scale-free and Preferential Attachment

Scale-free Network is a network with power-law degree distribution.

4

Structure of E-mail Network

Degree Distribution of an e-mail network.Reference:Holger Ebel, Lutz-Ingo Mielsch, and Stefan Bornholdt,“Scale-free topology of e-mail networks”,Physical Review E 66, 2002

*k: The number of links.

5

Spoofed From-field

● The From-filed of an e-mail message a worm sends is varies and/or is spoofed.

● It is almost impossible to identify where a worm sends the e-mail and how many worms send observed e-mails.

● It is only arrival intervals that we can obtain a correct data from received e-mails.

6

Observed Arrivals of E-mail

● There are log data* of the time on which each e-mail messages with a worm attached arrived at University of Aizu. * http://web-int/labs/istc/ipc/Security/virus/index.html

7

Simulation Model of Worm Spread Dynamics

8

Comparison between Simulation and Observed Data

9

Arrival Intervals of Simulationi) ii)

iii) i) mk:115.619 ii) mk:92.15

iii) mk:61.95

*mk : Mean of Number of links neighbors have.

10

Mathematical Model of Outbreak

][2

][1][

eME

MESE

11

Hub Defense Strategy (1)

*h = Number of immune hub nodes

Difference of Number of immune hub nodes.

12

Hub Defense Strategy (2)

r = Number of immune nodes selected randomly. h= Number of immune hub nodes.

Comparison Between Hub Defense and Random Defense

13

Conclusion● Observing arrival intervals, we can estimate damage

of a worm and estimate a network structure around observer.

● We can confirm that hub defense strategy is an effective method in this network even though the number of immune hub nodes are not much enough.

14

Thank you

15

Top related

Internet Malicious Miscreant
 Documents
CyberProbe: Towards Internet-Scale Active …faculty.cs.tamu.edu/guofei/paper/CyberProbe_NDSS14.pdfCyberProbe: Towards Internet-Scale Active Detection of Malicious Servers Antonio
 Documents
MAFTIA - Malicious and Accidental Fault Tolerance for Internet
 Documents
The Clone Wars: Competitive Dynamics in the Internet Video ... › - › media › files... · The Clone Wars: Competitive Dynamics in the Internet Video Industry Kenny Ching1 ...
 Documents
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
 Documents
Malicious Software Malicious Software Han Zhang & Ruochen Sun.
 Documents
ONLINE SAFETY · 2021. 1. 18. · SAFETY Internet Safety ... The internet is literally full of malicious software such as malware, trojans and computer viruses. These programs are
 Documents
Dynamics of Malicious Software on the Internet · a new virus or worm. The system also needs a large memory for signatures. Further, The system needs the time to detect the viruses
 Documents
Voice over Internet Protocol (VoIP): The Dynamics of Technology
 Documents
An evaluation of the U.S. Trusted Internet Connections program · PDF fileAn evaluation of the U.S. Trusted Internet Connections program. ... analyzes malicious ... will require the
 Documents
On Internet Traffic Dynamics and Internet Topology I High Variability Phenomena
 Documents
YOUNG PEOPLE, MUSIC & THE INTERNET · contained viruses or other malicious code.1 If your child downloads one of these malicious fi les, your PC could be used, among other things,
 Documents
Deep Impact : Recognizing Unknown Malicious Activities ......Deep Impact : Recognizing Unknown Malicious Activities from Zero Knowledge Hiroshi Suzuki / HisaoNashiwa Internet Initiative
 Documents
VICTORIA UNIVERSITY OF WELLINGTON Te Whare ......chaos for innocent (and other malicious) participants of the internet. An especially common goal of internet attackers is to force
 Documents
CyberProbe: Towards Internet-Scale Active Detection of Malicious Server
 Technology
Social Dynamics of the Internet
 Social Media
SMALL WORLD DYNAMICS & INTERNET
 Documents
Malicious Behavior on the Web: Characterization and Detectionsnap.stanford.edu/ · In Internet slang, a troll is a person who sows discord on the Internet by starting arguments or
 Documents
CS5229 09/10 Lecture 9: Internet Packet Dynamics
 Documents
Understanding Internet Dynamics from a Global View: … · Understanding Internet Dynamics from a Global View the Internet is an evolving open system I no central point, no typical
 Documents

Copyright © 2022 FDOCUMENTS