Abstract:
Peer-to-peer networks are responsible for a large amount of Internet traffic today. They started with the motive of content distribution and have now entered mission-critical applications like Skype. But with the increase in usage, they have also become vulnerable and an attractive target for attacks by Internet worms.
In this dissertation we discuss several propagation models, attack techniques, detection methods and control strategies for Internet worms. With most of these methods it is not possible to detect a worm in time and halt its spread. Many methods also suffer from false alarms and require human countermeasures to remove an infected host from a peer-to-peer network. In this dissertation we use a dynamic quarantine model, which is based on the principle "assume guilty before proven innocent". To reduce false alarms, we introduce a feedback system into the dynamic quarantine model, which works by collecting behavioral information from the neighbors of an abnormally behaving node and comparing the weighted Euclidean differences of behaviors with a threshold.
Simulation results show that our model is better than most of the pre-existing models in terms of reducing the maximum number of infected hosts and reducing false alarms.
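The neighbor-feedback step described above can be sketched as follows. This is an added example, not code from the dissertation. The feature names, weights, threshold and the rule that a node resembling its neighbors is released are all assumptions, since the abstract specifies none of them, and the behavior values are constructed sample data.

```python
import math

# Assumed normalized features (0..1) and weights; the abstract names none.
WEIGHTS = {"conn_rate": 0.5, "failed_conn_ratio": 0.3, "distinct_peers": 0.2}
THRESHOLD = 0.35  # assumed decision threshold

def weighted_distance(a, b, weights=WEIGHTS):
    """Weighted Euclidean distance between two behavior vectors."""
    return math.sqrt(sum(w * (a[f] - b[f]) ** 2 for f, w in weights.items()))

def handle_alarm(node, behavior, neighbors, quarantined, threshold=THRESHOLD):
    """Quarantine `node` at once, then let neighbor feedback confirm or release."""
    quarantined.add(node)  # "assume guilty before proven innocent"
    # Only neighbors that are not themselves quarantined give feedback.
    reports = [behavior[n] for n in neighbors.get(node, ()) if n not in quarantined]
    if not reports:
        return "quarantine", None  # no evidence of innocence: stay isolated
    mean_dist = sum(weighted_distance(behavior[node], r) for r in reports) / len(reports)
    if mean_dist <= threshold:
        quarantined.discard(node)  # behaves like its neighborhood: false alarm
        return "release", mean_dist
    return "quarantine", mean_dist  # outlier among its neighbors: keep isolated

def vec(rate, failed, peers):
    return {"conn_rate": rate, "failed_conn_ratio": failed, "distinct_peers": peers}

# Constructed sample data: p7 scans aggressively, p3 is busy like its neighbors,
# p9 raised an alarm but has no neighbors to vouch for it.
BEHAVIOR = {
    "p7": vec(0.9, 0.8, 0.9), "p1": vec(0.2, 0.1, 0.2), "p2": vec(0.3, 0.1, 0.3),
    "p3": vec(0.7, 0.1, 0.6), "p4": vec(0.6, 0.1, 0.6), "p5": vec(0.8, 0.15, 0.5),
    "p9": vec(0.5, 0.5, 0.5),
}
NEIGHBORS = {"p7": ["p1", "p2"], "p3": ["p4", "p5"], "p9": []}

def run_demo():
    quarantined = set()
    results = {n: handle_alarm(n, BEHAVIOR, NEIGHBORS, quarantined)
               for n in ("p7", "p3", "p9")}
    return results, quarantined

if __name__ == "__main__":
    results, quarantined = run_demo()
    for node, (decision, dist) in results.items():
        print(node, decision, dist)
    print("still quarantined:", sorted(quarantined))
```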