What is it about?
In this paper, we consider the problem of estimating the infection probability of nodes in backward time steps of worm propagation with Bayesian networks. The infection probability of a node at each time depends on the out-degree of the node and the number of infectious nodes at that time. It is assumed that we have prior knowledge of worm infection parameters and also the number of susceptible, infectious and removed nodes at a time of worm propagation. The out_degree of a node is needed at each time step for estimation. It also needs to learn a degree distribution model over time based on the observation of historical out_degree of nodes in the network when the spread of worm happens. We applied simulations to study the accuracy of our probability distribution. The results of simulation indicate that the probability distribution predicts the infection probability of nodes at each prior time step with high accuracy. This method can be used to infer the origin and worm propagation path. This method has low storage and computational requirements, and also less limiting assumptions compared to other methods of estimating the origin nodes of epidemic spread.
Featured Image
Why is it important?
It helps digital investigators to find clues about possible nodes who have initially propagated the computer worm in the network.
Perspectives
When a worm spreads in a network, there is a need for computer forensic investigators to know who is responsible for it and how it has spread in the network. This research helps them for further investigations,
Tala Tafazzoli
Amirkabir University of Technology
Read the Original
This page is a summary of: Worm infectious probability distribution with back-to-origin model , IET Communications, September 2017, the Institution of Engineering and Technology (the IET),
DOI: 10.1049/iet-com.2016.0835.
You can read the full text:
Contributors
The following have contributed to this page
