15-05-2012, 11:32 AM
DYNAMICS OF MALWARE SPREAD IN DECENTRALIZED PEER-TO-PEER NETWORKS
INTRODUCTION
The use of peer-to-peer (P2P) networks as a vehicle to spread malware offers some important advantages over worms that spread by scanning for vulnerable hosts. This is primarily due to the methodology employed by the peers to search for content. For instance, in decentralized P2P architectures where search is done by flooding the network, a peer forwards the query to its immediate neighbors, and the process is repeated until a specified threshold time-to-live (TTL) is reached. Here, TTL is the threshold on the number of overlay links that a search query travels.
PROBLEM STATEMENT
Having infected a host in the network, the worm disguises itself from other users. Every time a user searches for media files on the infected computer, the virus appears as an answer to the request, leading the user to believe that it is the file the user searched for. Thus, rapid proliferation of malware can pose a serious security threat to the functioning of P2P networks. Understanding the factors affecting the malware spread can help facilitate network designs that are resilient to attacks, ensuring protection of the networking infrastructure.
EXISTING SYSTEM
Previous studies focus on the transfer of regular files and do not apply to malware that spreads actively.
An assumption is made that a vulnerable peer can be infected by any of the infected peers in the network. This assumption is invalid, since the peers that can infect it are limited to those within TTL hops of it, not the entire network.
An important omission in the existing system is the incorporation of user behavior. Users in a P2P network alternate between the on state and the off state.
An empirical model for malware spreading is developed in while models for the number of infected nodes by dynamic hit list-based malware is presented. This model ignores node dynamics such as online-offline transitions.
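The TTL and on/off points above can be checked on a small overlay. The following is an added example, not part of the original post: the overlay graph, the peer names, and the rule that offline peers neither answer nor forward queries are all constructed assumptions for this sketch.

```python
from collections import deque

# Constructed overlay: chain A-B-C-D-E-F-G with one branch C-H.
OVERLAY = {
    "A": ["B"], "B": ["A", "C"], "C": ["B", "D", "H"], "D": ["C", "E"],
    "E": ["D", "F"], "F": ["E", "G"], "G": ["F"], "H": ["C"],
}

def query_reach(overlay, source, ttl, online=None):
    """Peers that a flooded query from `source` reaches within `ttl` hops.

    Assumption of this sketch: offline peers neither answer nor forward.
    """
    online = set(overlay) if online is None else set(online)
    if source not in online:
        return set()
    hops = {source: 0}
    queue = deque([source])
    while queue:
        peer = queue.popleft()
        if hops[peer] == ttl:
            continue  # TTL exhausted, the query is not forwarded further
        for nbr in overlay[peer]:
            if nbr in online and nbr not in hops:
                hops[nbr] = hops[peer] + 1
                queue.append(nbr)
    return set(hops) - {source}

def exposed_peers(overlay, infected, ttl, online=None):
    """Susceptible peers whose query can be answered by an infected peer."""
    infected = set(infected)
    return {p for p in overlay
            if p not in infected
            and query_reach(overlay, p, ttl, online) & infected}

if __name__ == "__main__":
    # With A infected, the whole-network assumption exposes all 7 other
    # peers; the TTL-limited view exposes only those within 2 hops of A.
    print(sorted(exposed_peers(OVERLAY, {"A"}, ttl=2)))
    # B going offline cuts A off from every query in this overlay.
    print(sorted(exposed_peers(OVERLAY, {"A"}, ttl=7, online=set("ACDEFGH"))))
```
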