Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malicious Distributed Computing

Posted by michael on from the ubiquity dept.

Jeremy Erwin writes "In this whitepaper, Brandon Wiley suggests a possible design for a "superworm", a coordinated network of worm nodes. Typically worms are designed to infect as many hosts as possible, but as overly rapid growth can lead to early detection, this is a suboptimal strategy. The worm, dubbed Curious Yellow uses communication between worm nodes to ensure optimal infection rates."

3 of 207 comments (clear)

  1. No need for inter-worm communications by Anonymous Coward · · Score: 5, Insightful

    It is quite simple actually. You program your worm to accept an attack range upon installation. Then you divide the IP space on every successful attack. If you start with 64 worms installs, give each worm 1/64th of the ip space to scan. Each worm would then scan/infect and pass down a smaller block. You would infect in a tree like pattern, possibly doubling up scanning efforts.

    For example:

    64 initial worms go out at /6 bit boundries. They plan on installing 64 worms each giving each sub worm /12 bit networks to scan. Then /18, /24, /30

    With a little bit more intelligence you can target the worms on major ISP DSL/Cable networks to infect the home machines.

    1. Re:No need for inter-worm communications by dabuk · · Score: 5, Insightful
      It would be quite easy for the worm to get stalled in that case. If the worm that is supposed to infect one bit of the IP space gets detected and removed or if there is anything that would stop that machine infecting its IP space (like it's firewalled) then that bit of the IP space is never going to get infected.

      But if you combined those two schemes you could get worms reporting back that they're not getting anywhere and a new worm could start on that space.

  2. Re:Um, why?? by Pedrito · · Score: 5, Insightful

    It's absolutely responsible. Why wait for it to happen when you can warn about the possibility and actually give people a chance to build a defense before someone builds the weapon?

    Besides, he's not the first person to think along these lines. Though he has a number of ideas I had never considered, I had come up with an idea for a worm that would build a peer to peer network to coordinate its activities and prevent it from spreading too quickly.

    His idea for having it update itself against anti-virus software is something I hadn't considered and is quite ingenius, I think.

    I wouldn't have ever written such a program as I have too much useful software ot write to waste my time, but I've certainly thought of ideas on how one might go about it. If I have, and he has, then chances are, so have others, and eventually someone who has the time and motivation will actually do it, so best to protect against it now.