大规模网络蠕虫入侵的混合抽象级仿真模型

Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems Pub Date : 2002-10-11 DOI:10.1109/MASCOT.2002.1167067

M. Liljenstam, Yougu Yuan, B. Premore, D. Nicol

{"title":"大规模网络蠕虫入侵的混合抽象级仿真模型","authors":"M. Liljenstam, Yougu Yuan, B. Premore, D. Nicol","doi":"10.1109/MASCOT.2002.1167067","DOIUrl":null,"url":null,"abstract":"Large-scale worm infestations, such as last year's Code Red, Code Red II, and Nimda, have led to increased interest in modeling these events to assess threat levels, evaluate countermeasures and investigate possible influence on the Internet infrastructure. However the inherently large scale of these phenomena pose significant challenges for models that include infrastructure detail. We explore the use of selective abstraction through epidemiological models in conjunction with detailed protocol models as a means to scale up simulations to a point where we can ask meaningful questions regarding a hypothesized link between worms and inter-domain routing instability. We find that this approach shows significant promise, in contrast to some of our early attempts using all-out packet level models. We also describe some approaches we are taking to collect the underlying data for our models.","PeriodicalId":384900,"journal":{"name":"Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems","volume":"67 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"109","resultStr":"{\"title\":\"A mixed abstraction level simulation model of large-scale Internet worm infestations\",\"authors\":\"M. Liljenstam, Yougu Yuan, B. Premore, D. Nicol\",\"doi\":\"10.1109/MASCOT.2002.1167067\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Large-scale worm infestations, such as last year's Code Red, Code Red II, and Nimda, have led to increased interest in modeling these events to assess threat levels, evaluate countermeasures and investigate possible influence on the Internet infrastructure. However the inherently large scale of these phenomena pose significant challenges for models that include infrastructure detail. We explore the use of selective abstraction through epidemiological models in conjunction with detailed protocol models as a means to scale up simulations to a point where we can ask meaningful questions regarding a hypothesized link between worms and inter-domain routing instability. We find that this approach shows significant promise, in contrast to some of our early attempts using all-out packet level models. We also describe some approaches we are taking to collect the underlying data for our models.\",\"PeriodicalId\":384900,\"journal\":{\"name\":\"Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems\",\"volume\":\"67 6\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"109\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MASCOT.2002.1167067\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MASCOT.2002.1167067","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 109

摘要

大规模蠕虫感染，如去年的红色代码、红色代码II和Nimda，导致人们对这些事件建模的兴趣增加，以评估威胁级别、评估对策和调查对互联网基础设施可能产生的影响。然而，这些现象固有的大规模对包含基础设施细节的模型提出了重大挑战。我们通过流行病学模型结合详细的协议模型来探索选择性抽象的使用，作为一种将模拟扩展到我们可以就蠕虫和域间路由不稳定性之间的假设联系提出有意义的问题的手段。我们发现，与我们早期使用全面包级模型的一些尝试相比，这种方法显示出显著的前景。我们还描述了为模型收集底层数据所采用的一些方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A mixed abstraction level simulation model of large-scale Internet worm infestations

Large-scale worm infestations, such as last year's Code Red, Code Red II, and Nimda, have led to increased interest in modeling these events to assess threat levels, evaluate countermeasures and investigate possible influence on the Internet infrastructure. However the inherently large scale of these phenomena pose significant challenges for models that include infrastructure detail. We explore the use of selective abstraction through epidemiological models in conjunction with detailed protocol models as a means to scale up simulations to a point where we can ask meaningful questions regarding a hypothesized link between worms and inter-domain routing instability. We find that this approach shows significant promise, in contrast to some of our early attempts using all-out packet level models. We also describe some approaches we are taking to collect the underlying data for our models.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. 10th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems

自引率

0.00%

发文量