The Community for Technology Leaders
Performance, Computing, and Communications Conference, 2002. 21st IEEE International (2006)
Phoenix, AZ, USA
Apr. 10, 2006 to Apr. 12, 2006
ISBN: 1-4244-0198-4
pp: 78
L. Briesemeister , Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA
P.A. Porras , Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA
ABSTRACT
We present an approach to the question of evaluating worm defenses against future, yet unseen, and possibly defense-aware worm behavior. Our scheme employs model checking to produce worm propagation sequences that defeat a worm defense of interest. We demonstrate this approach using an exemplar collaborative worm defense, in which LANs share alerts about encountered infections. Through model checking experiments, we then generate propagation sequences that are able to infect the whole population in the modeled network. We discuss these experimental results and also identify open problems in applying formal methods more generally in the context of worm quarantine research.
INDEX TERMS
worm quarantine research, collaborative worm defense, defense-aware worm behavior, model checking, worm propagation sequences, LAN
CITATION
L. Briesemeister, P.A. Porras, "Automatically deducing propagation sequences that circumvent a collaborative worm defense", Performance, Computing, and Communications Conference, 2002. 21st IEEE International, vol. 00, no. , pp. 78, 2006, doi:10.1109/.2006.1629456
91 ms
(Ver 3.3 (11022016))