Title :
Reconstruction of Worm Propagation Path by Causality
Author :
Shi, Wei ; Li, Qiang ; Kang, Jian ; Guo, Dong
Author_Institution :
Coll. of Comput. Sci. & Technol., JiLin Univ., Changchun, China
Abstract :
Fast and accurate online tracing of network worm during its propagation is essential for worm containment and reducing the loss. Though worm is randomly spread, there exists implicit causality between adjacent infected nodes. Using this causality can help to enhance the performance of worm tracing algorithm. Bayesian Network can be a very good probability description of the current results and prior conditions. Based on the analysis of causality, we present an improved online tracing algorithm -- Bayesian Network Correlation Algorithm to acquire worm propagation path, and analyze and verify its accuracy and performance through simulation experiments. Experiment result indicates that the detection accuracy of Bayesian Network Correlation Algorithm has risen by 10% compared to our previous work, this improved algorithm is more suitable for online detection.
Keywords :
belief networks; invasive software; Bayesian network correlation; implicit causality; network worm; online tracing algorithm; worm containment; worm propagation path reconstruction; worm tracing algorithm; Algorithm design and analysis; Analytical models; Bayesian methods; Computer architecture; Computer science; Computer worms; Educational institutions; Performance analysis; Probability; Telecommunication traffic; Bayesian Network; Correlation; Propagation Path; Worm;
Conference_Titel :
Networking, Architecture, and Storage, 2009. NAS 2009. IEEE International Conference on
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3741-2
DOI :
10.1109/NAS.2009.25
