And you thought you were safe after SLAMMER, not so, swarms not Zombies present the greatest risk to our national Internet infrastructure
Performance, Computing, and Communications Conference, 2002. 21st IEEE International (2006)
Phoenix, AZ, USA
Apr. 10, 2006 to Apr. 12, 2006
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/.2006.1629451
F.C.C. Osorio, Wireless Syst. Security Res. Lab., Marlboro, MA, USA
Z. Klopman, Wireless Syst. Security Res. Lab., Marlboro, MA, USA
This manuscript addresses the problem of attacks in which sophisticated communities, such as BLACKHAT users, compromise larger and larger numbers of unsuspecting (and unsuspected) home personal computers in an effort to launch major attacks on both Government and corporate networks. We call these attacks "swarm attacks", like a "swarm of bees". SLAMMER, which is currently the fastest computer worm in recorded history, is an early precursor to this class of threat. Most countermeasure strategies proposed to deal with such attacks are based primarily on rate detection and limiting algorithms, or on the detection of a sudden increase in the occurrence of "destination unreachable" messages in a network. However, we speculate that such strategies will prove ineffective in the future. In this manuscript we introduce the basic principles behind the idea of such "swarm worms", the nature of the intelligent behavior that emerges, and the basic structure a worm requires in order to be considered a "swarm worm" under our definition. We present preliminary results on the propagation speeds of one such swarm worm, called the ZachiK worm. It is shown that ZachiK is capable of propagating at a rate 2 orders of magnitude faster than similar worms without swarm capabilities.
national Internet infrastructure, BLACKHAT, home personal computers, corporate networks, swarm attacks, SLAMMER, computer worm, destination unreachable messages, swarm worms, ZachiK worm, Zombies
Z. Klopman and F. Osorio, "And you thought you were safe after SLAMMER, not so, swarms not Zombies present the greatest risk to our national Internet infrastructure," Performance, Computing, and Communications Conference, 2002. 21st IEEE International (PCC), Phoenix, AZ, USA, 2006, pp. 73.