A DISTRIBUTED FRAMEWORK FOR PASSIVE

WORM DETECTION AND

THROTTLING IN P2P NETWORKS

GUIDED BY TEAM MEMBERS

MR.K.MAHARAJAN.M.E S.KUMAR. IV CSE-A

(LEC/CSE-‘A’) V.LAKSHMANAN. IV CSE-A
M.MAHARAJAN. IV CSE-A
Abstract
The systems get affected due to worms and viruses. If worm enters the system it
immediately starts affecting the system activities. Also the system gets slower. If it is a
distributed system and many systems are connected in peer to peer format then the systems
that are connected to the infected system may also get affected. In order to prevent the
system from worm, passive worm detection method is used. In this method, one system in a
network acts as guardian system and other system in the network acts as child system. If any
system is affected by worm, the request is given to the guardian system. The guardian system
sends an alert message to other systems in the network. By using patch framework the
guardian system rectifies the worm problem from the child system. Hence the system is
detected from worms.

1. Existing System
In the existing system, if a system is affected by worm it is cleared by using antivirus
software. But if the operating system of a system gets affected by worm it is impossible to
clear it. As a result the operating system has to be formatted and a new operating system only
should be installed.

2. Proposed System
In the proposed system, one system acts as a guardian system and other systems in the
network acts as child system. If any system in the network gets affected by worm, the request
is given to the guardian system. The patch framework is given to the affected system by the
guardian system. And with the help of the patch framework, the worm in the affected system
is cleared.

3. Modules
 Detection Phase
 Analysis & Confirmation of Threat
 Patch Selection
 Patch Propagation
4. System Architecture

Fig: System Architecture

5. Data Flow Diagram

Fig: Data Flow Diagram

6. Software & Hardware Requirements

6.1Software Requirements

 Java1.5 or More

 Linux

6.2Hardware Requirements

 Hard disk : 40 GB

 RAM : 128mb

 Processor : Pentium
References

[1]Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense

Cliff Changchun Zou, Weibo Gong, Don Towsley,
Univ. Massachusetts Amherst, MA

[2]Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense

Cliff Changchun Zou, Weibo Gong, Don Towsley,
Univ. Massachusetts Amherst, MA

[3]On the Performance of Internet Worm Scanning Strategies

Cliff Changchun Zou., Don Towsley†, Weibo Gong.
Univ. Massachusetts, Amherst
[4]Modelling the Spread of Active Worm
Zesheng Chen (Georgia Tect), Lixin Gai(U Mass), Kevin Kwiat (AFRL)
[5]Slowing down Internet Worms
Shigang Chen, Yong Tang (UFL, Gainsville)
[6]Comparing Active and Passive Worm Defenses
Michael Liljenstam David M. Nicol (UIUC, Urbana Champaigne)
[7]Routing Worm: A Fast, Selective Attack Worm based on IP Address Information
Cliff C. Zou., Don Towsley†, Weibo Gong., Songlin Cai
Univ. Massachusetts, Amherst
[8]Worms as Attack Vectors: Theory, Threats, and Defenses
A Practical Assignment, submitted in partial requirement for GSEC
certification (GIAC Security Essentials Certification Matthew Todd, Ph.D.
[9]The Future of Internet Worms
Jose Nazario, with Jeremy Anderson, Rick Wash and Chris Connelly
Crimelabs research
[10] William Stallings, “Cryptography and Network Security, Principles and Practice”,
Second Edition, Prentice Hall Publishing, ISBN-13: 9780130914293

Websites

[1] Napster homepage, http://www.napster.com/

[2] Gnutella homepage, http://www.gnutella.com/

[3] www.cim.mcgill.ca/~sveta/COMP102/P2P.pdf
\