You are here

Mitigating worm propagation on virtual LANs

Download pdf | Full Screen View

Date Issued:
2006
Summary:
Recent worms have used sophisticated propagation techniques to propagate faster than the patch distribution and have utilized previously unknown vulnerabilities. To mitigate repetition of such epidemics in future, active defense mechanisms are needed that not only identify malicious activity, but can also defend against widespread outbreak. We provide a framework capable of reacting quickly to quarantine infections. The fundamental components of our framework are detector and VLAN switch. We have provided a proof of concept implementation, where we use the Blaster worm as an example, and demonstrate that detection of worms is possible, and individual infected hosts can be isolated quickly. Furthermore, using Monte Carlo simulations, we show that such containment of future epidemics is possible. In addition, we also compute the overhead of detection and mitigation approaches and have shown that our approach has lower overhead compared to the others.
Title: Mitigating worm propagation on virtual LANs.
81 views
18 downloads
Name(s): Sun, Xiaoguang.
Florida Atlantic University, Degree grantor
Rajput, Saeed, Thesis advisor
Hsu, Sam, Thesis advisor
College of Engineering and Computer Science
Department of Computer and Electrical Engineering and Computer Science
Type of Resource: text
Genre: Electronic Thesis Or Dissertation
Issuance: monographic
Date Issued: 2006
Publisher: Florida Atlantic University
Place of Publication: Boca Raton, Fla.
Physical Form: application/pdf
Extent: 75 p.
Language(s): English
Summary: Recent worms have used sophisticated propagation techniques to propagate faster than the patch distribution and have utilized previously unknown vulnerabilities. To mitigate repetition of such epidemics in future, active defense mechanisms are needed that not only identify malicious activity, but can also defend against widespread outbreak. We provide a framework capable of reacting quickly to quarantine infections. The fundamental components of our framework are detector and VLAN switch. We have provided a proof of concept implementation, where we use the Blaster worm as an example, and demonstrate that detection of worms is possible, and individual infected hosts can be isolated quickly. Furthermore, using Monte Carlo simulations, we show that such containment of future epidemics is possible. In addition, we also compute the overhead of detection and mitigation approaches and have shown that our approach has lower overhead compared to the others.
Identifier: 9780542745508 (isbn), 13369 (digitool), FADT13369 (IID), fau:10219 (fedora)
Collection: FAU Electronic Theses and Dissertations Collection
Note(s): College of Engineering and Computer Science
Thesis (M.S.)--Florida Atlantic University, 2006.
Subject(s): Wireless LANs--Security measures
Wireless communication systems--Security measures
Computer viruses--Prevention
Computer security
Held by: Florida Atlantic University Libraries
Persistent Link to This Record: http://purl.flvc.org/fcla/dt/13369
Sublocation: Digital Library
Use and Reproduction: Copyright © is held by the author, with permission granted to Florida Atlantic University to digitize, archive and distribute this item for non-profit research and educational purposes. Any reuse of this item in excess of fair use or other copyright exemptions requires permission of the copyright holder.
Use and Reproduction: http://rightsstatements.org/vocab/InC/1.0/
Host Institution: FAU
Is Part of Series: Florida Atlantic University Digital Library Collections.