27-12-2011, 07:25 PM
Check out the attachment
14-02-2012, 12:19 PM
ppt and uml diagram for dynamics of malware spread in decentralised peer to peer networks
17-02-2012, 05:05 PM
i need the source code for dynamics of malware spread in decentralized Peer-to-peer networks
30-03-2012, 03:05 PM
i need the documentation for this topic"Dynamics of malware spread in decentralized peer to peer network"... could u plz send it to my mail id "miruna2011[at]gmail.com"
10-08-2012, 10:34 AM
Dynamics of Malware Spread in Decentralized Peer-to-Peer Networks
Dynamics_of_Malware_Spread.pdf (Size: 368.79 KB / Downloads: 58) Abstract In this paper, we formulate an analytical model to characterize the spread of malware in decentralized, Gnutella type peer-to-peer (P2P) networks and study the dynamics associated with the spread of malware. Using a compartmental model, we derive the system parameters or network conditions under which the P2P network may reach a malware free equilibrium. The model also evaluates the effect of control strategies like node quarantine on stifling the spread of malware. The model is then extended to consider the impact of P2P networks on the malware spread in networks of smart cell phones. INTRODUCTION THE use of peer-to-peer (P2P) networks as a vehicle to spread malware offers some important advantages over worms that spread by scanning for vulnerable hosts. This is primarily due to the methodology employed by the peers to search for content. For instance, in decentralized P2P architectures such as Gnutella [1] where search is done by flooding the network, a peer forwards the query to it’s immediate neighbors and the process is repeated until a specified threshold time-to-live, TTL, is reached. Here TTL is the threshold representing the number of overlay links that a search query travels. A relevant example here is theMandragore worm [2], that affected Gnutella users. Having infected a host in the network, the worm cloaks itself for other Gnutella users. Every time a Gnutella user searches for media files in the infected computer, the virus always appears as an answer to the request, leading the user to believe that it is the file the user searched for. The design of the search technique has the following implications: first, the worms can spread much faster, since they do not have to probe for susceptible hosts and second, the rate of failed connections is less. Thus, rapid proliferation of malware can pose a serious security threat to the functioning of P2P networks. RELATIONSHIP TO PRIOR WORK Though the initial thrust in P2P research was measurement oriented, subsequent works, [3], [4], [5], have proposed analytical models for the temporal evolution of information in the network. The focus of these works is on transfer of regular files and they do not apply to malware that spread actively. In addition, they are specialized to BitTorrent like networks and cannot be extended for P2P networks such as Gnutella or KaZaa. The issue of worms in peer-to-peer networks is addressed in [6], [7] using a simulation study of P2P worms and possible mitigation mechanisms. Epidemiological models to study malware spread in P2P networks are presented in [8], [9]. These studies assume that a vulnerable peer can be infected by any of the infected peers in the network. This assumption is invalid since the candidates for infecting a peer are limited to those within TTL hops away from it and not the entire network. Another important omission is the incorporation of user behavior. Typically, users in a P2P network alternate between two states: the on state, where they are connected to other peers and partake in network activities and the off state wherein they are disconnected from the network. Peers going offline result in fewer candidates for infection thereby lowering the intensity of malware spread. MODEL ANALYSIS In this section, we analyze the model presented in the previous section and obtain the expressions governing the global stability of the malware free equilibrium (MFE). Malware Free Equilibrium We now proceed with the derivation of the basic reproduction number, R0, a metric that governs the global stability of the MFE. Here, R0 quantifies the number of vulnerable peers whose security is compromised by an infected host during it’s lifetime. It is an established result in epidemiology that R0 < 1 ensures that the epidemic dies out fast and does not attain an endemic state [18]. Stability information of the MFE is important since this guarantees that the system continues to be malware free even if newly infected peers are introduced. Quarantine As a form of damage control, the intensity of malware spread can be limited by quarantining infected nodes. This section quantifies the impact of the quarantine rate on the basic reproduction ratio R0. Quarantine is introduced in the system as follows: we assume that an infected node is taken off the network with probability . We also assume that this operation does not result in the P2P network being split into disconnected components. CONCLUSION In this paper, we developed an analytic model to understand the dynamics of malware spread in P2P networks. The need for an analytic framework incorporating user characteristics (e.g., offline to online transitional behavior) and communication patterns (e.g., the average neighborhood size) was put forth by quantifying their influence on the basic reproduction ratio. It was shown that models that do not incorporate the above features run the risk of grossly overestimating R0 and thus falsely report the presence of an epidemic.
19-01-2014, 01:23 PM
i need the source code for dynamics of malware spread in decentralized Peer-to-peer networks could u pls send it to my email-id tejukumar362[at]gmail.com |
|