Mr.
By: July • Essay • 1,073 Words • January 25, 2010 • 742 Views
Research Critique
Introduction
The ability of attackers to rapidly gain control of vast numbers of Internet hosts poses an immense threat to the overall security of the Internet (Staniford, Paxson & Weaver, 2002). Once compromised, these hosts can be used not only for massive Distributed Denial of Service (DDoS) attacks, but also to steal or corrupt great quantities of sensitive information by confusing and disrupting the network in more subtle ways (Honeynet, 2005).
The attackers accomplish this task by sending an intrusion agent commonly known as a ‘worm’. There are “two major types of malicious codes in the wild” (Todd, 2003, p. 2). These codes are differentiated by their means of propagation: worms are self-replicating and self-propagating, whereas viruses require some form of human interaction. Much as biological viruses cause disease in humans by compromising the body's defence mechanisms, worms can not only damage or shut down hosts or networks but are also mutating and becoming more complex. Worms can carry payloads designed for specific malicious intent (Todd, 2003). According to Geer (2005), there is a less familiar threat that many experts say could be just as dangerous: malicious bot software. According to Nazario et al., Internet worms will, as they evolve, prove more difficult to identify and eradicate (Nazario, Anderson, Wash & Connelly, 2001).
Hackers can install bots on multiple computers to set up “malnets” or “botnets” that they can use for massive DDoS attacks. Network security experts identify and shut down malnets with 10 to 100 compromised hosts several times a day. Large malnets with 10,000 compromised hosts are rare, but they still appear weekly, and security investigators have found one malnet of 100,000 computers (Johannes, 2004).
Rationale for selecting this article:
Long before the first known massive worm infection on the Internet in 1988, researchers had already started taking an interest in self-propagating and self-replicating software. The first article to discuss self-replicating code within a C compiler, by Thompson, appeared in 1984. The Morris worm was launched in 1988 and had a devastating effect on the Internet (Todd, 2003).
Most research conducted so far has focused on modeling and detecting Internet worm propagation. However, the final objective of the research is the containment and elimination of these worms, which has not received enough attention (Zheng & Duan).
This paper discusses a possible future network attack that will probably use an organized army of malicious nodes called malnets. These malnets are capable of delivering many different types of attacks. According to several researchers who are working to find out how malicious worms propagate on the Internet, the ground has already been set (Honeynet, 2005; Zheng & Duan; Geer, 2005; Staniford, Paxson & Weaver, 2002). However, “partly due to the lack of understanding of the resiliency and efficiency a malnet can have, countering malnets has been ineffective” (Li, Ehrenkranz & Kuenning, 2005).
Placement of the article in the literature
The paper is very recent, having appeared in 2005. Since the paper has an interesting and unique topic, covering both the security of the Internet and how distributed systems of malicious bots work, it can be considered both an emerging seminal work and support for the existing literature. The literature on self-propagating code emerged four years before the actual Morris worm attack in 1988 (Thompson, 1984), which made the paper a classic. The authors of this article utilize all resources at their disposal to address the major problem in the modern Internet. According to the authors, the second-wave attack can be very devastating and can disrupt the entire Internet.
Research question addressed in this paper
The authors of this paper introduce a new term, malnets, for what the literature commonly calls botnets: networks of compromised computers that work as an organized distributed system. The paper first justifies why it is important to understand the efficiency and resiliency of malnets. The authors then use calculation and simulation to study the efficiency