The Internet is crucial to business, government, education and many other facets of society, but the easy access and wide usage of the most common network services make it a primary target for the propagation of viral infections or worms. It has been widely experienced that the massive worldwide spreading of very fast and aggressive worms may easily disrupt or damage the connectivity of large sections of the Internet, affecting millions of users. Classical containment strategies, based on manual application of traffic filters will be almost totally ineffective in the wide area. Consequently, developing an automated self-distributing containment strategy is the most viable way to defeat the worm propagation in an acceptable time The objective of our work is to develop a distributed and cooperative containment strategy based on having traffic filtering information dynamically disseminate throughout the network at a speed that is faster than (or at least comparable with) the propagation of worms. Our framework based on BGP extensions to distribute traffic filtering information has the advantage of using the existing infrastructure and inter-as communication channels. We envision that the above solution will be one of the most effective and challenging lines of defense against next-generation more aggressive worms. © 2007 Elsevier Ltd. All rights reserved.

Containing large-scale worm spreading in the Internet by cooperative distribution of traffic filtering policies

Fiore, Ugo
2008-01-01

Abstract

The Internet is crucial to business, government, education and many other facets of society, but the easy access and wide usage of the most common network services make it a primary target for the propagation of viral infections or worms. It has been widely experienced that the massive worldwide spreading of very fast and aggressive worms may easily disrupt or damage the connectivity of large sections of the Internet, affecting millions of users. Classical containment strategies, based on manual application of traffic filters will be almost totally ineffective in the wide area. Consequently, developing an automated self-distributing containment strategy is the most viable way to defeat the worm propagation in an acceptable time The objective of our work is to develop a distributed and cooperative containment strategy based on having traffic filtering information dynamically disseminate throughout the network at a speed that is faster than (or at least comparable with) the propagation of worms. Our framework based on BGP extensions to distribute traffic filtering information has the advantage of using the existing infrastructure and inter-as communication channels. We envision that the above solution will be one of the most effective and challenging lines of defense against next-generation more aggressive worms. © 2007 Elsevier Ltd. All rights reserved.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11367/64002
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? 5
social impact