Malicous Mobile Code Experiments

The automated spread of worms such as Code-Red,§SQL/Slammer and Nimda have caused costly problems to§computers connected to the Internet. Even users whose§machines were not vulnerable to these threats§suffered a loss of productivity and experienced great§frustration as connectivity and network traffic were§negatively impacted during outbreaks. Although the§number of new worm attacks reported in the media§seems to be declining, it is vital that researchers§study the effects of malicious code on the global§network to understand how to defend against future§threats. The choice of system for studying the spread§of worms and viruses in this work was Hephaestus, a§discrete-event network simulator, developed during§the course of the author's dissertation. The book§reports the results of several experiments on§self-replicating malicious computer code including§the validation of the simulator through a study of§the spread of Code-Red, efficiently defending against§email-based worms and distributing policy information§in an enterprise network as well as a theoretical§insight concerning spread metrics and how the damage§caused by malicious code should be measured. The automated spread of worms such as Code-Red,§SQL/Slammer and Nimda have caused costly problems to§computers connected to the Internet. Even users whose§machines were not vulnerable to these threats§suffered a loss of productivity and experienced great§frustration as connectivity and network traffic were§negatively impacted during outbreaks. Although the§number of new worm attacks reported in the media§seems to be declining, it is vital that researchers§study the effects of malicious code on the global§network to understand how to defend against future§threats. The choice of system for studying the spread§of worms and viruses in this work was Hephaestus, a§discrete-event network simulator, developed during§the course of the author''s dissertation. The book§reports the results of several experiments on§self-replicating malicious computer code including§the validation of the simulator through a study of§the spread of Code-Red, efficiently defending against§email-based worms and distributing policy information§in an enterprise network as well as a theoretical§insight concerning spread metrics and how the damage§caused by malicious code should be measured.