Secure P2P Patch Dissemination in a Race Against Topological Worms
Document Type
Article
Publication Date
2015
Publication Title
Journal of Information System Security
ISSN
1551-0123
Abstract
The frequency and scale of worm attacks on the Internet are increasing each year. The speed and severity of worm attacks are particularly alarming over peer-to-peer (p2p) networks, maybe on account of their popularity and the fact that they represent a significant portion of Internet traffic. It is well documented that worms in a p2p network spread much faster than the Internet, due to the rich host connectivity and the constant data exchange among the peers in the network. In this paper, we investigate strategies to curb the spread of worms in p2p networks, and offer countermeasures against this emerging cyber threat. In particular, we study the problem of disseminating security patches over a p2p network, while simultaneously containing the spread of topological worms in the network. As a solution, we propose a self-organizing, dynamic, emergent, defense p2p topology called ‘Spawn’ to combat this threat which ensures that: 1) the worm propagation is slowed by quarantining it to a confined portion of the network while simultaneously, and; 2) the security patch is disseminated to most nodes in the p2p network before the worm reaches them. This topology is built on the principle that the worm propagates epidemically, and we permit the security patch to propagate itself over the topology using epidemic gossip techniques. We show that our topology and patch dissemination mechanism is faster, dynamic and more efficient and scalable than comparable schemes in the literature. Our emergent algorithmic approach presents a novel defense architecture for deploying p2p networks and we outline a number of design directions to improve the resilience of p2p networks against topological worms.
Recommended Citation
Shashidhar, Narasimha, Lei Chen.
2015.
"Secure P2P Patch Dissemination in a Race Against Topological Worms."
Journal of Information System Security, 11 (1): 59-86.
source: https://eds.a.ebscohost.com/abstract?site=eds&scope=site&jrnl=15512002&AN=110521852&h=6sZlXxeePL2I%2bHTsEehouyH5NBjnrbJiQkAlKVOPfPaSnVgzni9zpS33RZSaOP8nHqoSuHfYi6lI167qcTwUzg%3d%3d&crl=f&resultLocal=ErrCrlNoResults&resultNs=Ehost&crlhashurl=login.aspx%3fdirect%3dtrue%26profile%3dehost%26scope%3dsite%26authtype%3dcrawler%26jrnl%3d15512002%26AN%3d110521852
https://digitalcommons.georgiasouthern.edu/information-tech-facpubs/40