Title: Automated detection and containment of worms and viruses into heterogeneous networks: a simple network immune system

Authors: Francesco Palmieri, Ugo Fiore

Addresses: Centro Servizi Didattico Scientifico, Universita degli Studi di Napoli Federico II, Napoli, Italy; Centro Servizi Didattico Scientifico, Universita degli Studi di Napoli Federico II, Napoli, Italy

Abstract: While much recent research concentrates on propagation models, the defence against worms is largely an open problem. Classical containment strategies, based on manual application of traffic filters, will be almost totally ineffective in the wide area since the worms are able to spread at rates that effectively preclude any human-directed reaction. Consequently, developing an automated, flexible and adaptive containment strategy is the most viable way to defeat worm propagation in an acceptable time. As a case in point, we look to natural immune systems, which solve a similar problem, but in a radically different way. Accordingly, we present a cooperative immunisation system inspired in principles and structure by the natural immune system that helps in defending against these types of attacks. Our system automatically detects pathologic traffic conditions due to an infection and informs, according to a cooperative communication principle, all the reachable networked nodes about the ongoing attack, triggering the actions required for their defence. To evaluate our proposal, we formulated a simple worm propagation and containment model, and evaluated our system using numerical solution and sensitivity analysis. Our measurements show that our reaction strategy is sufficiently robust against all the most common malicious agents. We envision that the above solution will be an effective line of defence against more aggressive worms.

Keywords: worms; viruses; automatic detection; automatic containment; network immune systems; worm propagation; malicious agents; attacks; wireless networks; mobile networks; network security.

DOI: 10.1504/IJWMC.2007.013795

International Journal of Wireless and Mobile Computing, 2007 Vol.2 No.1, pp.47 - 58

Published online: 28 May 2007
