• Title/Summary/Keyword: Malware Containment


Malware Containment Using Weight based on Incremental PageRank in Dynamic Social Networks

  • Kong, Jong-Hwan;Han, Myung-Mook
    • KSII Transactions on Internet and Information Systems (TIIS) / v.9 no.1 / pp.421-433 / 2015
  • Recently, there have been fast-growing social network services based on the Internet environment and web technology development, the prevalence of smartphones, etc. Social networks also allow users to convey information and news, so they have a great influence on the public opinion formed by social interaction among users as well as on the spread of information. On the other hand, these social networks also serve as perfect environments for rampant malware. Malware spreads rapidly because relationships are formed on trust among the users. In this paper, an effective patch strategy is proposed to deal with malicious worms based on social networks. A graph is formed to analyze the structure of a social network, and subgroups are formed in the graph for the distributed patch strategy. The weighted directions and activities between the nodes are taken into account to select reliable key nodes from the generated subgroups, and the Incremental PageRanking algorithm reflecting dynamic social network features (addition/deletion of users and links) is used for deriving the highly influential key nodes. With the patch based on the derived key nodes, the proposed method can prevent worms from spreading over social networks.

Worm Detection and Containment using Earlybird and Snort on Deterlab (Deterlab 환경에서 Earlybird를 이용한 웜 탐지와 Snort 연동을 통한 웜 확산 차단)

  • Lee, Hyeong-Yun;Hwang, Seong-Oun;An, Beongku
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.13 no.1 / pp.71-76 / 2013
  • A computer worm is a standalone malware computer program that probes and exploits vulnerabilities of systems. It replicates and spreads itself to other computers via networks. In this paper, we study how to detect and prevent worms. First, we generated Codered II traffic on the emulated testbed called Deterlab. Then we identified dubious parts using Earlybird and wrote down Snort rules using Wireshark. Finally, by applying the Snort rules to the traffic, we could confirm that worm detection was successfully done.