Phagocytes: A Holistic Defense and Protection Against Active P2P Worms
作者: Jon Crowcroft , Liyong Tang , Eng Keong Lua , Ruichuan Chen , Zhong Chen
DOI:
关键词:
摘要: Active Peer-to-Peer (P2P) worms present serious threats to the global Internet by exploiting popular P2P applications perform rapid topological self-propagation. pose more deadly than normal scanning because they do not exhibit easily detectable anomalies, thus many existing defenses are no longer effective. We propose an immunity system with Phagocytes --- a small subset of elected hosts that immune high probability and specialized in finding "eating" overlay. The will monitor their managed hosts' connection patterns traffic volume attempt detect active worm attacks. Once detected, local isolation, alert propagation software patching take place for containment. further provide access control filtering mechanisms communication establishment between internal overlay external hosts. We design novel adaptive interaction-based computational puzzle scheme at restrain attacking overlay, without influencing legitimate experiences significantly. implement prototype system, evaluate its performance based on realistic massive-scale network traces. evaluation results illustrate our capable achieving total defense against worms.
harvard.edu
arxiv.org
128.84.21.199
researchgate.net 参考文章(29)
Ari Juels, John G. Brainard, Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. network and distributed system security symposium. ,(1999)
Douglas Brent West, Introduction to Graph Theory ,(1995)
Liang Xie, Hui Song, Suncun Zhu, On the effectiveness of internal patching against file-sharing worms applied cryptography and network security. pp. 1- 20 ,(2008) , 10.1007/978-3-540-68914-0_1
Filipe Freitas, Rodrigo Rodrigues, Luís E. T. Rodrigues, Carlos Ribeiro, Paulo Ferreira, Verme: Worm Containment in Peer-to-Peer Overlays international workshop on peer-to-peer systems. ,(2007)
Niels Provos, A virtual honeypot framework usenix security symposium. pp. 1- 1 ,(2004)
Emin Gün Sirer, Kevin Walsh, Experience with an object reputation system for peer-to-peer filesharing networked systems design and implementation. pp. 1- 1 ,(2006)
Lidong Zhou, Lintao Zhang, Frank McSherry, Nicole Immorlica, Manuel Costa, Steve Chien, A First Look at Peer-to-Peer Worms: Threats and Defenses Peer-to-Peer Systems IV. pp. 24- 35 ,(2005) , 10.1007/11558989_3
Cynthia Dwork, Moni Naor, Pricing via Processing or Combatting Junk Mail international cryptology conference. pp. 139- 147 ,(1992) , 10.1007/3-540-48071-4_10
V. I. Levenshtein, Binary codes capable of correcting deletions, insertions, and reversals Soviet physics. Doklady. ,vol. 10, pp. 707- 710 ,(1966)
Jaeyeon Jung, V. Paxson, A.W. Berger, H. Balakrishnan, Fast portscan detection using sequential hypothesis testing ieee symposium on security and privacy. pp. 211- 225 ,(2004) , 10.1109/SECPRI.2004.1301325