[REVS] Simulating and Optimising Worm Propagation Algorithms

From: SecuriTeam (support_at_securiteam.com)
Date: 10/22/03

  • Next message: SecuriTeam: "[TOOL] Valgrind, an Open-Source Memory Debugger for x86-GNU/Linux" 
    To: list@securiteam.com
Date: 22 Oct 2003 18:28:17 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Simulating and Optimising Worm Propagation Algorithms
    ------------------------------------------------------------------------

    SUMMARY

    This paper describes a series of simulations run to estimate various worm
    growth patterns and their corresponding propagation algorithms. It also
    tests and verifies the impact of various improvements, starting from a
    trivial simulation of worm propagation and the underlying network
    infrastructure to models that are more refined, it attempts to determine
    the theoretical maximum propagation speed of worms and how it can be
    achieved. It also estimates the impact a malicious worm could have on the
    overall infrastructure.

    DETAILS

    Introduction:
    Much has been written about worms since Code Red, though they are hardly a
    new phenomenon. Most of what has been written has been exaggerated and
    contains little technical details. The technical articles fall in two
    categories: Coding new or analyzing old worms, i.e. implementation details
    on the one hand. Mathematical modeling, usually through
    population/epidemic models on the other.

    To the best of Tom's knowledge, no in-depth study using actual or
    simulated worm behavior has been published so far. This paper closes this
    gap, though much more work in this area can be done.

    ADDITIONAL INFORMATION

    The complete article can be downloaded from:
    <http://web.lemuria.org/security/WormPropagation.pdf>
    http://web.lemuria.org/security/WormPropagation.pdf.

    The information has been provided by <mailto:tom@lemuria.org> Tom Vogt.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[TOOL] Valgrind, an Open-Source Memory Debugger for x86-GNU/Linux"