Date of Award
Master of Science
Electrical and Computer Engineering
Treacherous worms can compromise thousands of hosts in a very short time. Mitigating these worm threat requires prompt and effective containment strategies. Containing the fast propagating worm is a difficult task and hence is a ongoing area of interest for many researchers. Many containment systems have been proposed including anomaly detection, address blacklisting and signature-based content filtering. Meanwhile recently developed worm models enable us to develop a testbed to accurately and quickly evaluate the efficiency of these defense mechanisms. In this thesis, we present a testbed which utilizes software agents to achieve large scale simulation and maintain functionality of each individual host. In addition, our proposed containment systems are evaluated using this testbed in terms of security and performance tradeoff. For the purpose of evaluation, the testbed is firstly exposed to analyze normal network and worm behavior pursued by multiple containment tactics. Our results indicate that a dynamic containment system achieves better performance and security. We believe our testbed is an effective tool to explore and evaluate varying worm containment systems.
This thesis is only available for download to the SIUC community. Current SIUC affiliates may also access this paper off campus by searching Dissertations & Theses @ Southern Illinois University Carbondale from ProQuest. Others should contact the interlibrary loan department of your local library or contact ProQuest's Dissertation Express service.