Abstract
The notion of worm-killing worm has been in the folklore for some time. However the obvious fear of the killer worm itself being compromised, or of any self-propagating code set loose (possibly over administrative boundaries), has barred serious exploration on the practical aspects of the idea. In this paper, we suspend such concerns momentarily, and investigate its functional validity. This effort is motivated by recent fast worm epidemics exemplified by that of SQL Slammer, which was overwhelmingly faster than traditional human-intervened response. Specifically, this paper evaluates the killer worm in terms of the prevention effect and the incurred traffic cost. Above and beyond, we consider supplementary techniques that could boost the performance and mitigate the harmful side-effects of the worm-killing worm.
Original language | English |
---|---|
Pages (from-to) | 1902-1906 |
Number of pages | 5 |
Journal | IEEE International Conference on Communications |
Volume | 4 |
Publication status | Published - 2004 |
Event | 2004 IEEE International Conference on Communications - Paris, France Duration: 2004 Jun 20 → 2004 Jun 24 |
Keywords
- Bandwidth
- Epidemic
- Prevention
- Speed
- Worm
ASJC Scopus subject areas
- Computer Networks and Communications
- Electrical and Electronic Engineering