A COMBINATORICS PROLIFERATION MODEL TO DETERMINE THE TIMING FOR BLOCKING SCANNING MALWARE

Kazumasa Omote; Takeshi Shimoyama; Satoru Torii

doi:10.5220/0002119300160024

A COMBINATORICS PROLIFERATION MODEL TO DETERMINE THE TIMING FOR BLOCKING SCANNING MALWARE

Kazumasa Omote, Takeshi Shimoyama, Satoru Torii

2007

Abstract

One of the worst threats present in an enterprise network is the propagation of “scanning malware” (e.g., scanning worms and bots). It is important to prevent such scanning malware from spreading within an enterprise network. It is especially important to suppress scanning malware infection to less than a few infected hosts. We estimated the timing of containment software to block “scanning malware” in a homogeneous enterprise network. The “combinatorics proliferation model”, based on discrete mathematics, developed in this study derives a threshold that gives the number of the packets sent by a victim that must not be exceeded in order to suppress the number of infected hosts to less than a few. This model can appropriately express the early state under which an infection started. The result from our model fits very well to the result of computer simulation using a typical existing scanning malware and an actual network.

Download

Paper Citation

in Harvard Style

Omote K., Shimoyama T. and Torii S. (2007). A COMBINATORICS PROLIFERATION MODEL TO DETERMINE THE TIMING FOR BLOCKING SCANNING MALWARE . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 16-24. DOI: 10.5220/0002119300160024

in Bibtex Style

@conference{secrypt07,
author={Kazumasa Omote and Takeshi Shimoyama and Satoru Torii},
title={A COMBINATORICS PROLIFERATION MODEL TO DETERMINE THE TIMING FOR BLOCKING SCANNING MALWARE},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={16-24},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002119300160024},
isbn={978-989-8111-12-8},
}

in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - A COMBINATORICS PROLIFERATION MODEL TO DETERMINE THE TIMING FOR BLOCKING SCANNING MALWARE
SN - 978-989-8111-12-8
AU - Omote K.
AU - Shimoyama T.
AU - Torii S.
PY - 2007
SP - 16
EP - 24
DO - 10.5220/0002119300160024