Influence of removable devices on worm propagation under pulse quarantine strategy



Internet worms, a great threat to network security can spread quickly via networks. Many worms can also easily propagate via removable devices, which have become a key method for such worms to stealthily invade those computers not connected to the Internet. Therefore, it is necessary to analyze the dynamic behavior and containment strategy of such worms. By theoretical analysis and experiments, we found that the traditional constant quarantine strategy has a quite high demand on initial immunization rate, which is difficult to achieve in a real network environments. Thus, a pulse quarantine strategy is proposed to make up the deficiency of constant quarantine. Pulse quarantine adopts a hybrid intrusion detection system (IDS) integrating both misuse and anomaly IDS. By analyzing the systems2019 stability at infection-free equilibrium, a basic reproduction number is determined. If basic reproduction number is less than one, system will be stable, which is beneficial for us to predict worm propagation and implement containment strategy; otherwise, the system will lose its stability and worm propagation is out of control. Numerical analysis is given to illustrate our theory. Finally, simulation experiments are presented to simulate the worm propagation; the results fully demonstrate the correctness of our theoretical analysis.



Total Pages: 16
Pages: 651-666


Volume: 22
Issue: 4
Year: 2016

