Skip to feedback

Award Abstract # 0643906
CAREER: Combating Worm Propagation in Emergent Networks

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: THE PENNSYLVANIA STATE UNIVERSITY
Initial Amendment Date: January 18, 2007
Latest Amendment Date: June 22, 2011
Award Number: 0643906
Award Instrument: Continuing Grant
Program Manager: Jeremy Epstein
CNS  Division Of Computer and Network Systems
CSE  Directorate for Computer and Information Science and Engineering
Start Date: August 15, 2007
End Date: July 31, 2013 (Estimated)
Total Intended Award Amount: $400,000.00
Total Awarded Amount to Date: $432,000.00
Funds Obligated to Date: FY 2007 = $80,000.00
FY 2008 = $80,000.00
FY 2009 = $176,000.00
FY 2011 = $96,000.00
History of Investigator:
  • Sencun Zhu (Principal Investigator)
Recipient Sponsored Research Office: Pennsylvania State Univ University Park
 201 OLD MAIN
 UNIVERSITY PARK
 PA  US  16802-1503
(814)865-1372
Sponsor Congressional District: 15
Primary Place of Performance: Pennsylvania State Univ University Park
 201 OLD MAIN
 UNIVERSITY PARK
 PA  US  16802-1503
Primary Place of Performance
Congressional District:		 15
Unique Entity Identifier (UEI): NPM2J7MSCF61
Parent UEI:
NSF Program(s): Special Projects - CNS,
ADVANCED NET INFRA & RSCH,
TRUSTWORTHY COMPUTING
Primary Program Source: 0100999999 NSF RESEARCH & RELATED ACTIVIT
01000809DB NSF RESEARCH & RELATED ACTIVIT
01000910DB NSF RESEARCH & RELATED ACTIVIT
01001112DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 1045, 9178, 9218, 9251, HPCC
Program Element Code(s): 171400, 409000, 779500
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Sencun Zhu
Pennsylvania State University
0643906
CAREER: Combating Worm Propagation in Emergent Networks
Panel ID: 070111

Abstract


Worms have emerged as one of the leading threats to our
information systems and critical infrastructures. Despite the
tremendous research effort in combating worms, new computer and
system vulnerabilities are continuously reported and new worm
attacks keep succeeding. Another significant trend in worm attacks
is that the number of worm attacks against emergent networks, such
as P2P networks, cellphone networks, and sensor networks, is
rapidly growing. Because of the unique communication models and/or
resource constraints of the emergent networks, most of the
existing solutions for Internet worm defenses are not directly
applicable.

The objective of this project is to combat worm propagation in
these emergent networks. Specifically, various approaches are
designed for rapidly distributing security patches to P2P nodes
infected by worms propagating via file sharing applications and
topological scanning. Also, both device and network sides defenses
are used to contain cellphone worms that propagate through either
multimedia messaging services or Bluetooth interfaces. Finally, it
includes mechanisms to confine worms that propagate by exploiting
the monoculture of sensor programs in sensor networks. The
proposed research will provide fundamental services and tools to
combat worms in emergent networks. It draws upon a variety of
topics including cryptography, graph theory (graph coloring,
percolation theory, partition, dominating set), system (mobile
systems), networking (P2P, cellular network, sensor network) and
statistics. The results of the project will be disseminated widely
through publications and talks, and the proposed research will
also be integrated with the education curricula.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Note:  When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

(Showing: 1 - 10 of 23)
B. Zhao, C. Chi, W. Gao, S. Zhu, G. Cao. "A Chain Reaction DoS Attack on 3G Networks: Analysis and Defenses." IEEE INFOCOM , 2009
B. Zhao, Z. Xu, C. Chi, S. Zhu, and G. Cao "Mirroring Smartphones For Good: A Feasibility Study" Proceedings of the 7th International ICST Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (Mobiquitous) , 2010
C. Huang, S. Zhu, and D. Wu. "Towards Trusted Services: Result Verification Schemes for MapReduce." Proceedings of the IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid) , 2012
D. Kong, Y. Jhi, Q. Pan, S. Zhu, P. Liu, and H. Xi "SAS: Semantics Aware Signature Generation for Polymorphic Worm Detection" Proceedings of International Conference on Security and Privacy in Communication Networks (Securecomm) , 2010
H. Hsu, S. Zhu and A. Hurson. "A Hotspot-based Protocol for Attack Traceback in Mobile Ad Hoc Networks." Proceedings of ACM Symposium on Information, Computer and Communications Security (AsiaCCS) , 2010
Liang Xie and Sencun Zhu "A Feasibility Study on Defending Against Ultra-Fast Topological Worms" Proceedings of The Seventh IEEE International Conference on Peer-to-Peer Computing (P2P'07) , 2007
Liang Xie, Hui Song, and Sencun Zhu "On the Effectiveness of Internal Patch Dissemination against File-sharing Worms" Applied Cryptography and Network Security (ACNS) (Best student paper award) , 2008
Liang Xie, Hui Song, Trent Jaeger, Sencun Zhu; "Towards a Systematic Approach for Cell-phone Worm Containment" Proceedings of the Seventeenth International World Wide Web Conference (WWW 2008) (Poster Track) , 2008
L. Xie, X. Zhang, J. Seifert and S. Zhu. "pBMDS: A Behavior-based Malware Detection System for Cellphone Devices." Proceedings of The ACM Conference on Wireless Network Security (WiSec) , 2010
M. Masud, L. Khan, B. Thuraisingham, X. Wang, P. Liu and S. Zhu "A Data Mining Technique to Detect Remote Exploits" The Fourth IFIP WG 11.9 International Conference on Digital Forensics , 2008
M. Shao, S. Zhu, W. Zhang, G. Cao, Y. Yang. "pDCS: Security and Privacy Support for Data-Centric Sensor Networks." IEEE Transactions on Mobile Computing , v.8 , 2009
(Showing: 1 - 10 of 23)

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

Major findings:

--we can improve the effectiveness of cellphone worm containment by leveraging social ties among mobile nodes.

--we can detect cellphone malware by distinguishing user and machine behaviors.

--we can model the dynamic behavior of software to identify plagiarism and malware.

--we can leverage the existing P2P infrastructure and its topology information to efficiently distribute security patches in the arms-race with
worm propagation.

--Software-diversity can greatly increase the survivability of a sensor network against sensor worm attacks.

--We can detect social network worms such as koobface worm efficiently with a small number of decoy accounts in a social network.

--It is feasible to identify, based on the binary code, the algorithm that is implemented in a software. We developed an efficient run-time value based mechanism to detect algorithm plagiarism.

--Currently smartphones have many vulnerabilities (by design) which allow information leakage and spam/phishing attacks. The table below shows whether spamming (second column) or phishing (third column) is possible for different mobile phone platforms (first column).
Please report errors in award information by writing to: awardsearch@nsf.gov.

Print this page

Back to Top of page

Top