Issue No. 02 - April-June (2007 vol. 4)
As many people rely on e-mail communications for business and everyday life, Internet e-mail worms constitute one of the major security threats for our society. Unlike scanning worms such as Code Red or Slammer, e-mail worms spread over a logical network defined by e-mail address relationships, making traditional epidemic models invalid for modeling the propagation of e-mail worms. In addition, we show that the topological epidemic models presented by M. Boguna, et al. (2000) largely overestimate epidemic spreading speed in topological networks due to their implicit homogeneous mixing assumption. For this reason, we rely on simulations to study e-mail worm propagation in this paper. We present an e-mail worm simulation model that accounts for the behaviors of e-mail users, including e-mail checking time and the probability of opening an e-mail attachment. Our observations of e-mail lists suggest that an Internet e-mail network follows a heavy-tailed distribution in terms of node degrees, and we model it as a power-law network. To study the topological impact, we compare e-mail worm propagation on power-law topology with worm propagation on two other topologies: small-world topology and random-graph topology. The impact of the power-law topology on the spread of e-mail worms is mixed: E-mail worms spread more quickly on a power-law topology than on a small-world topology or a random-graph topology, but immunization defense is more effective on a power-law topology.
unsolicited e-mail, Internet, invasive software, telecommunication security,epidemic model, Internet e-mail worm, e-mail checking time, e-mail attachment, power-law topology, small-world topology, random-graph topology, network security,Internet, Electronic mail, Computer worms, Network topology, Computer viruses, IP networks, Computer security, Business communication, Societies, Immune system,simulation., Network security, e-mail worm, worm modeling, epidemic model
"Modeling and Simulation Study of the Propagation and Defense of Internet E-mail Worms", IEEE Transactions on Dependable and Secure Computing, vol. 4, no. , pp. 105-118, April-June 2007, doi:10.1109/TDSC.2007.1001