A Model for Opportunistic Network Exploits: The Case of P2P Worms.
作者: Michael P. Collins , Carrie Gates , Gaurav Kataria
DOI:
关键词: Exploit 、 Computer science 、 File sharing 、 Service (systems architecture) 、 Computer security
摘要: We segregate attacks into two categories – targeted and opportunistic based on whether the attacker compromises a specific target (targeted) or number of intermediate targets to fulfill his end goal (opportunistic). assume that attackers consider indistinguishable except for their vulnerabilities, are interested in acquiring as many possible. therefore hypothesize will develop involving services which have largest potential targets. test this hypothesis limited way by correlating worm releases P2P file sharing networks with users being targeted. Our results demonstrate relationship exists only variants worms not new worms. further service specific, there is no general model represents entire vector.
econinfosec.org
researchgate.net 参考文章(19)
Donn B. Parker, Fighting computer crime ,(1983)
Vern Paxson, Stuart Staniford, Nicholas Weaver, Stefan Savage, Colleen Shannon, David Moore, The Spread of the Sapphire/Slammer Worm ,(2003)
Anand Nandkumar, Ashish Arora, Rahul Telang, Ramayya Krishnan, H. John Heinz, Yubao Yang, Impact of Vulnerability Disclosure and Patch Availability - An Empirical Analysis ,(2004)
Yang Wang, D. Chakrabarti, Chenxi Wang, C. Faloutsos, Epidemic spreading in real networks: an eigenvalue viewpoint symposium on reliable distributed systems. pp. 25- 34 ,(2003) , 10.1109/RELDIS.2003.1238052
Bill Landreth, Out of the inner circle : a hacker's guide to computer security Microsoft Press , Distributed in the U.S. and Canada by Simon and Schuster. ,(1985)
H.O. Hundley, R.H. Anderson, Emerging challenge: security and safety in cyberspace IEEE Technology and Society Magazine. ,vol. 14, pp. 19- 28 ,(1995) , 10.1109/44.476633
J. McHugh, W.L. Fithen, W.A. Arbaugh, Windows of vulnerability: a case study analysis IEEE Computer. ,vol. 33, pp. 52- 59 ,(2000) , 10.1109/2.889093
Cliff Changchun Zou, Weibo Gong, Don Towsley, Code red worm propagation modeling and analysis Proceedings of the 9th ACM conference on Computer and communications security - CCS '02. pp. 138- 147 ,(2002) , 10.1145/586110.586130
Mohammad Mannan, Paul C. van Oorschot, On instant messaging worms, analysis and countermeasures workshop on rapid malcode. pp. 2- 11 ,(2005) , 10.1145/1103626.1103629
Nicholas Weaver, Vern Paxson, Stuart Staniford, Robert Cunningham, A taxonomy of computer worms workshop on rapid malcode. pp. 11- 18 ,(2003) , 10.1145/948187.948190