Optimum identification of worm-infected hosts

Noriaki Kamiyama; Tatsuya Mori; Ryoichi Kawahara; Shigeaki Harada

doi:10.1007/978-3-540-87357-0_9

Optimum identification of worm-infected hosts

Noriaki Kamiyama^*, Tatsuya Mori, Ryoichi Kawahara, Shigeaki Harada

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m ^*, the identification threshold of the flow count m within φ, and H ^*, the identification probability for hosts with m∈=∈m ^*, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.

Original language	English
Title of host publication	IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings
Pages	103-116
Number of pages	14
DOIs	https://doi.org/10.1007/978-3-540-87357-0_9
Publication status	Published - 2008 Nov 28
Externally published	Yes
Event	8th IEEE International Workshop on IP Operations and Management, IPOM 2008 - Samos Island, Greece Duration: 2008 Sep 22 → 2008 Sep 26

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5275 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	8th IEEE International Workshop on IP Operations and Management, IPOM 2008
Country/Territory	Greece
City	Samos Island
Period	08/9/22 → 08/9/26

Keywords

Detection
Optimum design
Sampling
Worm

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-540-87357-0_9

Cite this

Kamiyama, N., Mori, T., Kawahara, R., & Harada, S. (2008). Optimum identification of worm-infected hosts. In IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings (pp. 103-116). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5275 LNCS). https://doi.org/10.1007/978-3-540-87357-0_9

Optimum identification of worm-infected hosts. / Kamiyama, Noriaki; Mori, Tatsuya; Kawahara, Ryoichi et al.

IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings. 2008. p. 103-116 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5275 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kamiyama, N, Mori, T, Kawahara, R & Harada, S 2008, Optimum identification of worm-infected hosts. in IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5275 LNCS, pp. 103-116, 8th IEEE International Workshop on IP Operations and Management, IPOM 2008, Samos Island, Greece, 08/9/22. https://doi.org/10.1007/978-3-540-87357-0_9

@inproceedings{e39ae1c8c5ec44378dafcffb99e5e4c3,

title = "Optimum identification of worm-infected hosts",

abstract = "The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m *, the identification threshold of the flow count m within φ, and H *, the identification probability for hosts with m∈=∈m *, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.",

keywords = "Detection, Optimum design, Sampling, Worm",

author = "Noriaki Kamiyama and Tatsuya Mori and Ryoichi Kawahara and Shigeaki Harada",

year = "2008",

month = nov,

day = "28",

doi = "10.1007/978-3-540-87357-0_9",

language = "English",

isbn = "3540873562",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "103--116",

booktitle = "IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings",

note = "8th IEEE International Workshop on IP Operations and Management, IPOM 2008 ; Conference date: 22-09-2008 Through 26-09-2008",

}

TY - GEN

T1 - Optimum identification of worm-infected hosts

AU - Kamiyama, Noriaki

AU - Mori, Tatsuya

AU - Kawahara, Ryoichi

AU - Harada, Shigeaki

PY - 2008/11/28

Y1 - 2008/11/28

N2 - The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m *, the identification threshold of the flow count m within φ, and H *, the identification probability for hosts with m∈=∈m *, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.

AB - The authors have proposed a method of identifying superspreaders by flow sampling and a method of extracting worm-infected hosts from the identified superspreaders using a white list. However, the problem of how to optimally set parameters, φ, the measurement period length, m *, the identification threshold of the flow count m within φ, and H *, the identification probability for hosts with m∈=∈m *, remains unsolved. These three parameters seriously affect the worm-spreading property. In this paper, we propose a method of optimally designing these three parameters to satisfy the condition that the ratio of the number of active worm-infected hosts divided by the number of all the vulnerable hosts is bound by a given upper-limit during the time T required to develop a patch or an anti-worm vaccine.

KW - Detection

KW - Optimum design

KW - Sampling

KW - Worm

UR - http://www.scopus.com/inward/record.url?scp=56649111112&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=56649111112&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-87357-0_9

DO - 10.1007/978-3-540-87357-0_9

M3 - Conference contribution

AN - SCOPUS:56649111112

SN - 3540873562

SN - 9783540873563

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 103

EP - 116

BT - IP Operations and Management - 8th IEEE International Workshop, IPOM 2008, Proceedings

T2 - 8th IEEE International Workshop on IP Operations and Management, IPOM 2008

Y2 - 22 September 2008 through 26 September 2008

ER -

Optimum identification of worm-infected hosts

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this