USING IP PROFILING AND INTERFACE OF ROUTER TO DEFEND AGAINST DDOS ATTACKS

Anti-Worm System based on Propagation Signature

Kangsan Lee : Digital Vaccine and Internet Immune System Lab. Graduate School of Information and Communication, Ajou University, Suwon 443-749, Republic of Korea.
(TEL) +82-31-219-1809 (FAX) +82-31-219-1811 (E-Mail) leekangsan@ajou.ac.kr
(URL) http://iislab.ajou.ac.kr

Manpyo Hong : Digital Vaccine and Internet Immune System Lab. Graduate School of Information and Communication, Ajou University, Suwon 443-749, Republic of Korea.
(TEL) +82-31-219-2438 (FAX) +82-31-219-1614 (E-Mail) mphong@ajou.ac.kr
(URL) http://iislab.ajou.ac.kr

Wonil Kim: Sejong University, Seoul 143-747, Republic of Korea.
(TEL) +82-2-3408-3795 (FAX) (E-Mail) wikim@sejong.ac.kr
(URL) http://dasan.sejong.ac.kr/~wikim

Abstract

Active worms replicate themselves and spread through the Internet in very short time. The spread of worm exhausts network bandwidth and even disrupts the Internet. Due to this high propagation of worm, it is very hard to react effectively. We propose the Propagation Signature Anti-Worm System (PSAW) that detects the initial worm propagation and blocks the propagation automatically. PSAW exploits common features of worm packets. It saves recurring patterns of worm packets as a propagation signature and exchanges it with other PSAWs. It slows down or even stops the new worm propagation by exchanging the propagation signature. PSAW is deployed at the edge routers of ISP and provides anti-worm service to its customers.

Short Biography

Kangsan Lee : Kangsan Lee is an MS Student in the Graduate School of Information and Communication at Ajou University. His current research interests are security and privacy problems and countermeasures in Ubiquitous environment.

Before he joined the student of Ajou University in 2004, he received a BS degree from the Department of information and computer science, Ajou University, in 2004.

Manpyo Hong : Manpyo Hong is a professor in the Graduate School of Information and Communication at Ajou University. His current research interests are in Ubiquitous security, Information security (Worm, Virus and DDoS) and parallel processing.

Before he joined the faculty of Ajou University in 1985, he was an instructor in the College of Engineering at Ulsan National University from 1983 to 1985 and an exchange professor at Minnesota State University from 1993 to 1994, a exchange professor at the George Washington University from 2000 to 2001. He received a BS degree from the Department of Statistics, Seoul National University, in 1981; an MS degree from the Department of Statistics, Seoul National University, in 1983; a Ph.D degree from the Department of Parallel processing, Seoul National University, in 1991.