№1, 2012

ABOUT ONE MONITORING ALGORITHM OF PERMUTATION WORMS

Ramiz H. Shikhaliyev

In recent years different strategies have emerged for increasing their rate of proliferation of worms. Therefore, for the detection of worms, particularly permutation worms, high speed monitoring and analysis of network traffic in real time is important. However, due to the emergence of computational difficulties and problems with data flow storage, the solution of this problem using a deterministic algorithm becomes very difficult. Therefore, we propose a method for monitoring network traffic through the use of randomized streaming algorithms, in particular a sliding window mechanism, which requires very little memory and computational resources. (pp. 44-50)

Keywords: worms, permutation scanning, network traffic monitoring, sliding window
References
  • Smith C., Matrawy A., Chow S. and Abdelaziz B. Computer Worms: Architecture, Evasion Strategies, and Detection Mechanisms // Journal of Information Assurance and Security, 2009, no.4, pp. 69–83.
  • Weaver N. Potential Strategies for High Speed Active Worms: A Worst case Analysis, 2002 http://www.icsi.berkeley.edu/~nweaver/worms.pdf
  • Manna P.K, Shigang Chen, Ranka S.; Inside the Permutation-Scanning Worms: PropagationModeling and Analysis, IEEE/ACM Transactions On Networking, June 2010, vol. 18, 3, pp. 858–870.
  • Mayur Datar and Rajeev Motwani. The sliding-window computation model and results. Data Streams The Kluwer International Series on Advances in Database Systems, 2007, 31, pp.149–167.
  • Aggarwal C. (editor). Data Streams: Models and Algorithms, Springer Verlag, 2007. 354 p.
  • Moore D., Paxson V., Savage S., Shannon C., Staniford S. and Weaver N. Inside the slammer worm // Security and Privacy Magazine, July/August 2003, pp. 33–39.
  • Knuth D.E. The Art of Computer Programming, Volume 3: Sorting and Searching, 2nd Addison-Wesley, 1998, ISBN 0-201-89685-0, 800 p.
  •  Venkataraman S., Song D.X., Gibbons P.B., and Blum A. New streaming algorithms for fast detection of superspreaders / Proceedings of the Network and Distributed System Security Symposium, 2005, San Diego, California, USA.
  • Bandi N., Agrawal D., El Abbadi A. Fast Algorithms for Heavy Distinct Hitters using Associative Memories / 7th International Conference on Distributed Computing Systems (ICDCS 2007), yune 25-29, 2007, Toronto, Ontario, Canada, pp. 247–256.
  • Locher T., Finding Heavy Distinct Hitters in Data Streams / 23rd ACM Symposium on Parallelism in Algorithms and Architectures, San Jose, California, USA, June 2011, 299–308.