Computer Virus Spread Containment Using Feedback Control.

PDF Version Also Available for Download.

Description

In this research, a security architecture based on the feedback control theory has been proposed. The first loop has been designed, developed and tested. The architecture proposes a feedback model with many controllers located at different stages of network. The controller at each stage gives feedback to the one at higher level and a decision about network security is taken. The first loop implemented in this thesis detects one important anomaly of virus attack, rate of outgoing connection. Though there are other anomalies of a virus attack, rate of outgoing connection is an important one to contain the spread. Based ... continued below

Creation Information

Yelimeli Guruprasad, Arun December 2004.

Context

This thesis is part of the collection entitled: UNT Theses and Dissertations and was provided by UNT Libraries to Digital Library, a digital repository hosted by the UNT Libraries. It has been viewed 702 times , with 6 in the last month . More information about this thesis can be viewed below.

Who

People and organizations associated with either the creation of this thesis or its content.

Publisher

Rights Holder

For guidance see Citations, Rights, Re-Use.

  • Yelimeli Guruprasad, Arun

Provided By

UNT Libraries

With locations on the Denton campus of the University of North Texas and one in Dallas, UNT Libraries serves the school and the community by providing access to physical and online collections; The Portal to Texas History and UNT Digital Libraries; academic research, and much, much more.

Contact Us

What

Descriptive information to help identify this thesis. Follow the links below to find similar items on the Digital Library.

Description

In this research, a security architecture based on the feedback control theory has been proposed. The first loop has been designed, developed and tested. The architecture proposes a feedback model with many controllers located at different stages of network. The controller at each stage gives feedback to the one at higher level and a decision about network security is taken. The first loop implemented in this thesis detects one important anomaly of virus attack, rate of outgoing connection. Though there are other anomalies of a virus attack, rate of outgoing connection is an important one to contain the spread. Based on the feedback model, this symptom is fed back and a state model using queuing theory is developed to delay the connections and slow down the rate of outgoing connections. Upon implementation of this model, whenever an infected machine tries to make connections at a speed not considered safe, the controller kicks in and sends those connections to a delay queue. Because of delaying connections, rate of outgoing connections decrease. Also because of delaying, many connections timeout and get dropped, reducing the spread. PID controller is implemented to decide the number of connections going to safe or suspected queue. Multiple controllers can be implemented to control the parameters like delay and timeout. Control theory analysis is performed on the system to test for stability, controllability, observability. Sensitivity analysis is done to find out the sensitivity of the controller to the delay parameter. The first loop implemented gives feedback to the architecture proposed about symptoms of an attack at the node level. A controller needs to be developed to receive information from different controllers and decision about quarantining needs to be made. This research gives the basic information needed for the controller about what is going on at individual nodes of the network. This information can also be used to increase sensitivity of other loops to increase the effectiveness of feedback architecture.

Subjects

Language

Identifier

Unique identifying numbers for this thesis in the Digital Library or other systems.

Collections

This thesis is part of the following collection of related materials.

UNT Theses and Dissertations

Theses and dissertations represent a wealth of scholarly and artistic content created by masters and doctoral students in the degree-seeking process. Some ETDs in this collection are restricted to use by the UNT community.

What responsibilities do I have when using this thesis?

When

Dates and time periods associated with this thesis.

Creation Date

  • December 2004

Added to The UNT Digital Library

  • Feb. 15, 2008, 3:43 p.m.

Description Last Updated

  • July 1, 2015, 4:02 p.m.

Usage Statistics

When was this thesis last used?

Yesterday: 0
Past 30 days: 6
Total Uses: 702

Interact With This Thesis

Here are some suggestions for what to do next.

Start Reading

PDF Version Also Available for Download.

Citations, Rights, Re-Use

Yelimeli Guruprasad, Arun. Computer Virus Spread Containment Using Feedback Control., thesis, December 2004; Denton, Texas. (digital.library.unt.edu/ark:/67531/metadc4675/: accessed August 23, 2017), University of North Texas Libraries, Digital Library, digital.library.unt.edu; .