Talk With an Expert

Worm Propagation and Countermeasures

Worm Propagation and Countermeasures (PDF, 3.58MB)Published: 09 Jun, 2004
Created by
Glenn Gebhart

Recent history has amply demonstrated the threat that worms pose to the Internet and those who rely on its correct functioning. Most of the damage done by worms can be traced to the burden they place on networks due to their characteristic exponential growth as they seek to propagate themselves. As such, if security professionals can develop a framework for preventing worm propagation then they can significantly reduce the risk that worms pose to the Internet. This paper is an attempt to approach the problem of worm control in a systematic fashion. Beginning with a motivating discussion of the current threat posed by worms, it moves on to examine a selection of the most notorious worms both old and new. Highlighting the commonalities of these worms allows for the synthesis of a general model of worm propagation. Analysis of this model shows that the process of worm propagation has a number of steps, each one of which can potentially be disrupted through the deployment of the appropriate security technology. A discussion then follows of the technologies that can be deployed at each step to prevent, contain, or slow the spread of worms.