无线环境下恶意程序的传播机制研究
|
摘要
随着无线网络种类的增多和应用范围的越来越广,恶意程序已成为无线网络所面临的重要威胁之一。近年来,恶意程序的研究已成为国际上网络安全和信息安全领域最前沿和最活跃的研究方向之一,无线环境下恶意程序的研究已经开始成为恶意程序研究领域的一个新热点。
针对不同的无线网络环境,本文在研究无线环境下恶意程序传播模型的基础上,分析和探讨了移动Ad hoc网络、无线传感器网络、无线蓝牙网络及车载网络中恶意程序的传播机制。仿真实验结果表明,本文所提出的一系列模型均能较好地描述无线环境下恶意程序的传播机制,这就为采取相应的控制策略来防御无线网络中的恶意程序奠定了一定的理论基础。
归纳起来,本文的研究成果主要体现在以下几个方面:
1.在总结计算机病毒、蠕虫等恶意代码定义的基础上,归纳了恶意程序的定义,同时,还提出了移动恶意程序的概念。
2.在分析和比较了几种传统的流行病模型后,着重讨论了如何改进传统的流行病模型来描述无线环境下恶意程序传播,即必须把无线网络的一些特征参数引入到传统的流行病模型中。
3.提出了一种移动Ad hoc网络中恶意程序的传播模型,并研究了在该网络中恶意程序的传播机制。
4.在分析无线传感器网络中恶意程序传播的TWPM模型后,提出了一种描述基于IEEE 802.15.4标准的无线传感器网络中恶意程序的传播模型,并研究了在该网络中恶意程序的传播机制。
5.提出了一种描述蓝牙环境下恶意程序传播的概率模型,并研究了在该网络中恶意程序的传播机制。
6.分析了一种描述车载网络中恶意程序传播的模型,并研究了在该网络中恶意程序的传播机制。
With the increase of the varieties of wireless networks and the growth of their applications, the attack of malware has become one of the most important threats confronted by wireless networks. Recently, the study on malware attacks has been one of the most advanced and active topics in the fields of network and information security of the world. The study of malware attack in wireless environment has begun to be a newly arisen topic in the fields of malware research.
For different wireless environments, such as Mobile Ad hoc Network (MANET), Wireless Sensor Network (WSN), Bluetooth and Vehicle Ad hoc Network (VANET), the propagation mechanisms are analyzed and discussed based on the study of propagation models of malware. The results of simulation experiments show that, the models presented in this paper can better describe the propagation mechanism of malware in wireless environments, which forms the foundation of designing corresponding control strategies to resist wireless malware.
In sum, the main research production achieved in the paper is given as follows:
1. Based on summarizing the definitions of such malicious codes as computer virus, worms, a new malware definition is proposed. At the same time, the concept of mobile malware is also proposed.
2. After analyzing and comparing several kinds of propagation models of epidemics, we mainly discuss how to improve the traditional epidemic models to describe the propagation mechanism of malware in wireless environment. The conclusion is that the characteristic parameters of wireless networks must be introduced into the traditional epidemic model.
3. A propagation model of malware in MANETs is presented, and the propagation mechanism of malware in such network is also studied.
4. A propagation model of malware in IEEE 802.15.4-based WSN is proposed after analyzing the TWPM propagation model of malware in it, and the propagation mechanism of malware in such network is also studied.
5. A probability model of malware propagation in Bluetooth environment is presented, and the propagation mechanism of malware in such network is researched.
6. A malware propagation model in VANET is analyzed and the propagation mechanism of malware in it is studied.
针对不同的无线网络环境,本文在研究无线环境下恶意程序传播模型的基础上,分析和探讨了移动Ad hoc网络、无线传感器网络、无线蓝牙网络及车载网络中恶意程序的传播机制。仿真实验结果表明,本文所提出的一系列模型均能较好地描述无线环境下恶意程序的传播机制,这就为采取相应的控制策略来防御无线网络中的恶意程序奠定了一定的理论基础。
归纳起来,本文的研究成果主要体现在以下几个方面:
1.在总结计算机病毒、蠕虫等恶意代码定义的基础上,归纳了恶意程序的定义,同时,还提出了移动恶意程序的概念。
2.在分析和比较了几种传统的流行病模型后,着重讨论了如何改进传统的流行病模型来描述无线环境下恶意程序传播,即必须把无线网络的一些特征参数引入到传统的流行病模型中。
3.提出了一种移动Ad hoc网络中恶意程序的传播模型,并研究了在该网络中恶意程序的传播机制。
4.在分析无线传感器网络中恶意程序传播的TWPM模型后,提出了一种描述基于IEEE 802.15.4标准的无线传感器网络中恶意程序的传播模型,并研究了在该网络中恶意程序的传播机制。
5.提出了一种描述蓝牙环境下恶意程序传播的概率模型,并研究了在该网络中恶意程序的传播机制。
6.分析了一种描述车载网络中恶意程序传播的模型,并研究了在该网络中恶意程序的传播机制。
With the increase of the varieties of wireless networks and the growth of their applications, the attack of malware has become one of the most important threats confronted by wireless networks. Recently, the study on malware attacks has been one of the most advanced and active topics in the fields of network and information security of the world. The study of malware attack in wireless environment has begun to be a newly arisen topic in the fields of malware research.
For different wireless environments, such as Mobile Ad hoc Network (MANET), Wireless Sensor Network (WSN), Bluetooth and Vehicle Ad hoc Network (VANET), the propagation mechanisms are analyzed and discussed based on the study of propagation models of malware. The results of simulation experiments show that, the models presented in this paper can better describe the propagation mechanism of malware in wireless environments, which forms the foundation of designing corresponding control strategies to resist wireless malware.
In sum, the main research production achieved in the paper is given as follows:
1. Based on summarizing the definitions of such malicious codes as computer virus, worms, a new malware definition is proposed. At the same time, the concept of mobile malware is also proposed.
2. After analyzing and comparing several kinds of propagation models of epidemics, we mainly discuss how to improve the traditional epidemic models to describe the propagation mechanism of malware in wireless environment. The conclusion is that the characteristic parameters of wireless networks must be introduced into the traditional epidemic model.
3. A propagation model of malware in MANETs is presented, and the propagation mechanism of malware in such network is also studied.
4. A propagation model of malware in IEEE 802.15.4-based WSN is proposed after analyzing the TWPM propagation model of malware in it, and the propagation mechanism of malware in such network is also studied.
5. A probability model of malware propagation in Bluetooth environment is presented, and the propagation mechanism of malware in such network is researched.
6. A malware propagation model in VANET is analyzed and the propagation mechanism of malware in it is studied.
引文
[1] Jon Kleinberg. The wireless epidemic. Nature. Vol.449(2007):287-288.
[2] Mikko Hypponen. Malware goes mobile. Scientific American, 2006:70-77.
[3] S. Toyssy, M. Helenius. About malicious software in smartphones. J. Comput. Virol.(2006) 2: 109-119.
[4] Symantec. VBS.Timofonica. http://www.symantec.com/avcenter/venc/data/
[5] Symantec. SymbOS.Cabir. http://secrityresponse.symantec.com/avcenter/data/
[6] James W. Mickens, Brian D. Noble. Modeling epidemic spreading in mobile environments. WiSE’05, September 2nd , 2005, Cologne, Germany.
[7] 3G Security Architecture (Release 5). http://www.3gpp.org/
[8] Mobile Boradband Wireless Access (MBWA). IEEE 802.20, http://www.ieee.org/
[9] Broadband Wireless Access (BBWA). IEEE 802.16, http://www.ieee.org/
[10] Bruno. R., Conti. M., Gregori. E.. Mesh Networks: Commodity Multihop Ad Hoc Networks. IEEE Communications Magazine. Vol.43 (2005): 123-131.
[11]朱建明.无线网络安全方法与技术研究.西安电子科技大学.博士学位论文, 2004.
[12]李兴华.无线网络中认证及密钥协商协议的研究.西安电子科技大学.博士学位论文, 2006.
[13] DM Kienzle and MC Elder. Recent worms: a survey and trends. Proceedings of the 2003 ACM workshop on. Rapid Malcode. The Wyndham City Center Washington DC, USA, ACM Press, 2003:1-10.
[14] Fred Cohen. Computer viruses: Theory and experiments. Computers and Security, 1987,6(1):22~35.
[15] Staniford S, Paxson V, Weaver N. How to own the Internet in your spare time. 11th Usenix Security Symposium, San Francisco, USENIX Association Berkeley, CA, USA, 2002:149-167.
[16]张运凯,王长广,王方伟,马建峰.“震荡波”蠕虫分析与防范.计算机工程. 2005, 31(18): 65-67
[17]王长广,王方伟,张运凯,马建峰.一种无尺度网络上垃圾邮件蠕虫的传播模型.计算机科学. 2007, 34(2):72-74.
[18]瑞星公司.红色代码II(Code RedII)病毒分析. http://it.rising.com.cn/newSite/Channels/ Anti_Virus/Antivirus_Base/TopicDatabasePackage/19-130600235.htm.
[19]郑辉. Internet蠕虫研究.南开大学博士学位论文. 2003.
[20] Eugene H. Spafford. The Internet worm program: an analysis. ACM ComputerCommunication Review. 1989, 19(1):17~57.
[21] Network Associates. Virus Glossary. http://mcafeeb2b.com/naicommon/avert/avert- researchcenter/ virus-glossary.asp, 2005.5.28.
[22]文伟平.恶意代码机理与防范技术研究.中科院软件所博士学位论文. 2005.
[23]张运凯.网络蠕虫传播与控制研究.西安电子科技大学博士学位论文. 2006.
[24] John F. Shoch, and Jon A. Hupp. The Worm Programs Early Experience with Distributed Computation. Communications of ACM, 1982, 25(3): 172-180.
[25]郑辉.恶意移动代码分析与研究. http://www.ccert.edu.cn/pub/doc/worm1.pdf. 2005.4.28
[26] Yang S. Relations M. NSF awards $5.46 million to UC Berkeley and USC to build test bed for cyber war games. http://www.berkeley.edu/news/media/releases/2003/10/15.
[27] Lemos, R. Year of the worm: Fast-spreading code is weapon of choice for Net vandals. CNET News.com, http://news.com.com/2009-1001-254061.html, 2001.3.5.
[28] CERT Coordination Center. Carnegie Mellon University. CERT/CC Statistics 1988-2005. http://www.cert.org/stats/cert_stats.html.
[29] Spafford EH. The Internet worm program: An analysis. Technical Report, CSD-TR-823, West Lafayette: Department of Computer Science, Purdue University. 1988:1~29.
[30] Weaver N. Potential strategies for high speed active worms: a worst case analysis. U.C. Berkeley BRASS group. http://www.cs.berkeley.edu/~nweaver/worms. pdf.
[31] Weaver N. Warhol worms: the potential for very fast Internet plagues. Proceedings of the 11th USENIX Security Symposium. http://www.cs.berkeley.edu/?nweaver/warhol.html.
[32] Kephart JO, Chess DM, White SR. Computers and epidemiology. IEEE Spectrum, 1993, 30(5):20~26.
[33] Kephart JO, White SR. Measuring and modeling computer virus prevalence. Proceedings of the 1999 IEEE Computer Society Symposium on Research in Security and Privacy. Oakland, California, 1993: 2~15.
[34]文伟平,卿斯汉,蒋建春等.网络蠕虫研究与进展.软件学报. 2004, 15(8): 1208~1218.
[35] Cliff C.Zou, Gong W, Towsley D. Code Red worm propagation modeling and analysis. Proceeding of the 9th ACM Conference on Computer and Communication Security. Washington, ACM Press, 2002: 138~147.
[36] Yang Wang, Chenxi Wang. Modeling the Effects of Timing Parameters on Virus Propagation. Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM 2003). Washington, ACM Press, 2003: 61-66.
[37] Y. Wang, D. Chakrabarti, C. Wang, and C. Faloutsos. Epidemic spreading in real networks: an eigenvalue viewpoint. Proceedings of the Symposium on Reliable Distributed Computing, Florence, Italy, 2003.10:25-34.
[38] S. Tanachaiwiwat, A. Helmy. VACCINE: war of the worms in wired and wireless networks. Tecnical Report CS 05-859, Computer Science Department, USC, 2005. http://www.cs.usc.edu/Research/TechReports/05-859.pdf.
[39] Robert G. Cole. Initial studies on worm propagation in MANETs for future army combat systems. 24th Army Science Conference Proceedings. Orlando, Florida, 2004: 247-258.
[40] Syed A. Khayam and Hayder Radha. Analyzing the spread of active worms over VANET. ACM Mobicom International Workshop on Vehicular Ad hoc Networks (VANET), Philadelphia, PA, USA , ACM Press, 2004: 86-87.
[41] Everett A., Kevin E. and Shane M., et al. Mobile contagion: simulation of infection & defense. Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, Washington, DC, USA, IEEE Computer Society, 2005: 80-87
[42] Syed A. Khayam and Hayder Radha. A topologically-aware worm propagation model for wireless sensor networks. IEEE ICDCS International Workshop on Security in Distributed Computing Systems (SDCS). 2005, (2): 210-216.
[43]王长广,沈玉龙,马建峰.一种蓝牙环境下恶意程序的传播模型.西安电子科技大学学报(自然科学版). 2009, (36)2: 94-98.
[44]王长广,马建峰.一种无线Ad hoc网络中恶意程序的传播模型.电子学报.2007, 12: 69-75.
[45] Chang-guang Wang, Xu Bai, Jian-feng Ma. Malicious code modeling and analysis in WiFi-based MANETs. IEEE Wicom’2008, 2008.10.
[46] Abdelmajid Khelil, Christian Becker, Jing Tian, Kurt Rothermel. An epidemic model for information diffusion in MANETs. MsWiM’02. Sep. 28, 2002. Atlanta, Georgia, USA.
[47] Jing Su, Kelvin K.W. Chan, Andrew G. Miklas, Kenneth Po, Ali Akhavan. A preliminary investigation of worm infections in Bluetooth environment. Proceedings of the 4th ACM workshop on Recurring malcode, 2006.
[48] Brett Stone-Gross, Christo Wilson, Kevin Almeroth, Elizabeth Belding. Malware in IEEE 802.11 Wireless Networks. Proceedings of 9th International Conference on Passive and Active Network Measurement (PAM 2008), LNCS 4979, Springer (2008), pp. 222–231.
[49] Streftaris G, Gibson GJ. Statistical inference for stochastic epidemic models. In: Proc. of the 17th Int’l Workshop on Statistical Modelling. Chania, 2002. 609~616.
[50] Frauenthal JC. Mathematical Modeling in Epidemiology. New York: Springer-Verlag, 1980.
[51] Chen Z, Gao L, Kwiat K. Modeling the spread of active worms. In: Proc. of the IEEE INFOCOM 2003. 2003.
[52] Esa Hyyti?, Pasi Lassila, and Jorma Virtamo. Spatial Node Distribution of the Random Waypoint Mobility Model with Applications. IEEE Trans. Mobile Computing, 2006.
[53] Steve W. Open problems in computer virus research. Proceedings of the 1998 Virus Bulletin Conference. Munich, Germany, 1999: 22-23.
[54] Esa Hyyti?, Pasi Lassila and Jorma Virtamo. A Markovian Waypoint Mobility Model with Application to Hotspot Modeling. In Proceedings of IEEE ICC 2006, June 2006.
[55] W. Navidi, T. Camp, and N. Bauer. Improving the accuracy of random waypoint simulations through steady-state initialization. In proceedings of the 15th international conference on modeling and simulation, 2004:319-326.
[56] Bluetooth. Specification of the Bluetooth system, 2006. http://www.bluetooth.org/foundry/ adopters/document/core_v2.0_EDR/en/1/Core_v2.0_EDR.zip.
[57] N. Abramsson. The ALOHA System- another Alternative for Computer Communications. FJCC in AFIPS Conference. 1970.
[58] J. Macker, M. Corson. Mobile Ad Hoc Networksing and the IETF Mobile Computing and Communications Review, 1998.
[59] J. Macker, S. Corson. RFC 2501. Mobile Ad hoc networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations. IETF, January 1999.
[60] M. Royer. A Review of Current Routing Protocols for Ad Hoc Mobile Wireless Networks. IEEE Personal Communication, 1999.
[61] C. Perkins. Terminology for Ad-hoc Networks. Internet draf-ietf-manet-terms-00.txt, Nov.1997.
[62] Z. Hass, et al. Wireless Ad Hoc Networks. IEEE Journal on Selected Areas in Communications, 1999.
[63] I. Stojmenovic. Handbook of wireless networks and mobile computing. John Wiley&Sons, Inc, 2002.
[64] L. Zhou, Z. Haas. Securing Ad hoc networks. IEEE network Magazine. 1999, 13(6).
[65] J. Hubaux, L.Buttyan, S. Capkun. The Quest for Security in Mobile Ad hoc Networks. In Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing, 2001.
[66] S. Maki. Security Fundamentals in Ad Hoc Networking. In Proceedings of the Helsinki University of Technology, Seminar on Internetworking- Ad Hoc networks, 2000.
[67] V. Karpijoki. Security in Ad Hoc Networks. In Proceedings of the Helsinki University of Technology, Seminars on Network Security, 2000.
[68]汪小帆,李翔,陈关荣.复杂网络理论及其应用[M].北京:清华大学出版社,2006. 72-98.
[69] Bettstetter C. On the connectivity of Ad-hoc networks. The Computer Journal, Special Issue on Mobile and Pervasive Computing. 2004, 47(4):432-437.
[70] Santi P, Blough D. The critical transmitting range for connectivity in sparse wireless ad hoc networks. IEEE Transactions on Mobile Computing, 2003, 1(2):25-29.
[71] Jose Nazario. Worm blog. http://www.wormblog.com/im_worms/
[72] Moreno Y, Pastor-Satorras R, Vespignani A. Epidemic outbreaks in complex heterogeneousnetworks. The European Physical Journal B. 2002, (26):521-529.
[73] F. Brauer, C. Castillo-Chavez. Mathematical models in population biology and epidemiology. Springer, ISBN 0-387-98902-1, 2000.
[74] S.Y. Ni, Y.C. Tseng, Y.S. Chen and J.P. Sheu. The broadcast storm problem in a mobile Ad hoc network. Int. Conf. on mobile computing and networking, 1999:151-162.
[75] K. Obraczka, G. Tsudik, and K. Viswanath. Pushing the limits of multicast in Ad hoc netwoks. Int. Conf. on DCS, 2001.
[76] K. Viswanath and K. Obraczka. An adaptive approach to group communications in multi-hop Ad hoc networks. MMT’99, 1999.
[77] Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (LR-WPANs). IEEE Standard, 802.15.4-2006.
[78] Mark Weiser, The Computer for the Twenty-First Century. Scientific American, September 1991: 94-100.
[79] http://www.cas.ac.cn/html/Dir/2003/08/28/0081.htm
[80] W. Manges, G. Allgood, and S. Smith. It’s Time for Sensors to Go Wireless. Part 1: Technological Underpinnings", Sensors Magazine, April, 1999.
[81] I.F. Akyildiz et al. Wireless sensor networks: a survey. Computer Networks, 2002, Vol.38 (2): 393-422.
[82]李晖.无线传感器网络安全技术研究.上海交通大学博士学位论文, 2007.
[83] D. W. Carman, P. S. Kruus and B. J. Matt. Constraints and Approaches for Distributed Sensor Network Security. September 1, 2000, NAI Labs Technical Report, 00-010.
[84] R. Min, et al. Low Power Wireless Sensor Networks. In the Proceedings of International Conference on VLSI Design. Bangalore, India, January 2001.
[85]王海涛,郑少仁. Ad hoc传感网络的体系结构及其相关问题.解放军理工大学学报(自然科学版). 2003, Vol. 4 (1).
[86] R. Shah and J. Rabaey. Energy Aware Routing for Low Energy Ad Hoc Sensor Networks. In the Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Orlando, FL, March 2002.
[87] A. Manjeshwar and D. P. Agrawal. TEEN: A Protocol for Enhanced Efficiency in Wireless Sensor Networks. In the Proceedings of the 1st International Workshop on Parallel and Distributed Computing Issues in Wireless Networks and Mobile Computing, San Francisco, CA, April 2001.
[88] A. Manjeshwar and D. P. Agrawal. APTEEN: A Hybrid Protocol for Efficient Routing and Comprehensive Information Retrieval in Wireless Sensor Networks. In the Proceedings of the 2nd Inter-national Workshop on Parallel and Distributed Computing Issues in WirelessNetworks and Mobile computing, Ft. Lauderdale, FL, April 2002.
[89] Zhong S, Chen J , Yang Y R.. Sprite: A simple, cheatproof, credit-based system for mobile ad-hoc networks. In Proceedings of IEEE INFOCOM, 2003, 3: 1987-1997.
[90] Buttyan L , Hubaux J P. Stimulating cooperation in self-organizing mobile ad hoc networks ACM/Kluwer Mobile Networks and Applications, 2003, 8(5): 579-592.
[91] R. Nagpal, H. Shrobe, and J. Bachrach. Organizing a global coordinate system from local information on an ad hoc sensor network. In IPSN’03, 2003.
[92] A. Nasipuri and K. Li. A directionality based location discovery scheme for wireless sensor networks. In Proceedings of ACM WSNA’02, September 2002.
[93] T. S. Rappaport. Wireless Communications: Principles and Practice. Prentice-Hall, 2nd ed., December 2001.
[94] P. Gupta and P. R. Kumar. The Capacity of Wireless Networks. IEEE Transactions on Information Theory, vol. 46, March 2000.
[95] C. E. Perkins, E. M. Royer, and S. Das. Ad Hoc On-Demand Distance Vector (AODV) Routing. RFC 3561, February 1999.
[96] J. Broch and D. B. Johnson. The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks. IETF Internet Draft, July 2004.
[97] C. Shannon and D. Moore. The Spread of the Witty Worm. IEEE Security & Privacy, vol. 2, no. 4, July/August 2004.
[98] N. T. J. Bailey. The Mathematical Theory of Infectious Diseases and Its Applications. Charles Griffin & Co. Ltd.: London, 1975.
[99] B. P. Lathi. Signal Processing and Linear Systems. Berkeley-Cambridge Press, 1998.
[100] R250 Random Number Generator Webpage. http://www.taygeta.com/random.xml
[101] N. Zierler and J. Brillhart. On Primitive Trinomials (mod 2). Information and Control, 1968, vol. 13(6): 541–554.
[102] N. Zierler and J. Brillhart. On Primitive Trinomials (mod 2) II. Information and Control, 1969, vol. 14(6): 566–569.
[103] G. E. P. Box and M .E. Muller. A Note on the Generation of Random Normal Deviates. Annals Math. Stat, 1958, vol. 29: 610–611.
[104] P. De, Y. Liu, and S.K. Das. Modeling Node Compromise Spread in Wireless Sensor Networks Using Epidemic Theory. International Workshop on Wireless Mobile Multimedia, 2006: 237-243.
[105] The Network Simulator - ns-2. http://www.isi.edu/nsnam/ns/index.html.
[106] G. Yan and S. Eidenbenz. Bluetooth Worm: Models, Dynamics, and Defense Implications. ACSAC’06, Miami, FL, Dec. 2006, pp. 245-256.
[107] Bluetooth Evolution-Opportunities and Challenges. http://www.imsresearch.com/product/ wireless. asp.
[108] Bluetooth SIG,Specification of the Bluetooth system. Baseband specification. Version 1.0. http://www.bluetooth.com/.
[109]丛延奇,徐艳,纪明宁.蓝牙技术安全性分析与安全策略.自动化技术与应用. 2003, 22(7): 35-39.
[110]于国良.蓝牙网络若干安全性问题研究.信息工程大学.军事学博士学位论文, 2006.
[111] J. Bray and C. Sturman. Bluetooth: Connect Without Cables. Prentice Hall, December 2000.
[112] A. Busboom, I. Herwono, M. Schuba, and G. Zavagli. Unambiguous device identification and fast connection setup in Bluetooth. In Proceedings of the European Wireless 2002, Florence, Italy, 2002.
[113] B. S. Peterson. Device Discovery in Frequency Hopping Wireless Ad Hoc Networks. PhD thesis, Air Force Institute of Technology, 2004.
[114] Specification of the Bluetooth system: Core, version 1.1, February 2001.
[115] J. N. Daigle. Queueing Theory with applications to Packet Telecommunication. Springer, 2005.
[116] G. Yan and S. Eidenbenz. Modeling propagation dynamics of Bluetooth worms. Technical Report LA-UR-06-8586, Los Alamos National Laboratory, 2006.
[117] http://www.gnu.org/software/octave/.
[118] http://www.ececs.uc.edu/ cdmc/ucbt/ucbt.html.
[119]俞波.无线自组网若干安全问题研究.复旦大学博士学位论文, 2006.
[120] T. S. Rappaport. Wireless Communications: Principles and Practice. Prentice-Hall, 2nded., December 2001.
[121] W. Leutzbach. Introduction to the Theory of Traffic Flow. Springer: Verlag, 1988.
[122] H. Hartenstein, B. Bochow, A. Ebner, M. Lott, M. Radimirsch and D. Vollmer. Position Aware Ad hoc Wireless Networks for Inter-Vehicle Communications: the Fleetnet Project. ACM MobiHoc, October 2001.
[123] C. Bettstetter and C. Hartmann. Connectivity of Wireless Multihop Networks in a Shadow Fading Environment. ACM MSWiM, September 2003.
[124] R. Hekmat and P. Van Mieghem. Study of Connectivity in Wireless Ad hoc Networks with an Improved Radio Model. WiOpt, March 2004.
[125] M. Grossglauser and D. N. C. Tse. Mobility Increases the Capacity of Ad Hoc Wireless Networks. IEEE/ACM Trans. on Networking, 2002, vol. 10(4):477-486.
[126] P. Gupta and P. Kumar. The Capacity of Wireless Networks. IEEE Trans. on Information Theory, 2000, vol. 46(3): 388–404.
[127] H. Andersson and T. Britton. Stochastic Epidemic Models and Their Statistical Analysis. Springer: Verlag, 2000.
[128] J. O. Kephart and S. R. White. Directed-Graph Epidemiological Models of ComputerViruses. IEEE ISSP, 1991.
[129] J. O. Kephart and S. R. White. Directed-Graph Epidemiological Models of ComputerViruses. IEEE ISSP, 1991.
[130] Communications of the ACM, vol. 32, no. 6, pp. 678–698, 1989 and vol. 25, no. 3, pp.172–180, 1982.
[131] D. Moore, C. Shannon, and D. Brown. Code-Red: A Case Study on the Spread and Victims of an Internet Worm. ACM Sigcomm, 2002.
[132] Proceedings of ACM WORM 2003.
[133] Network Security Session, IEEE Infocom, 2003.
[134] M. S. Bartlett. Some Evolutionary Stochastic Processes. J. Roy. Statistic. Soc., B 11, 1949: 211-229.
[135] eEye Digital Security, http://www.eeye.com/html/.
[136] Trusecure, http://www.trusecure.com/.
[137] Common Vulnerabilities and Exposures (CVE), http://www.cve.mitre.org.
[138] Bo Sun, Guanhua Yan, Yang Xiao. Worm Propagation Dynamics in Wireless Sensor Networks. ICC’08, May 2008. 1541– 1545.
[2] Mikko Hypponen. Malware goes mobile. Scientific American, 2006:70-77.
[3] S. Toyssy, M. Helenius. About malicious software in smartphones. J. Comput. Virol.(2006) 2: 109-119.
[4] Symantec. VBS.Timofonica. http://www.symantec.com/avcenter/venc/data/
[5] Symantec. SymbOS.Cabir. http://secrityresponse.symantec.com/avcenter/data/
[6] James W. Mickens, Brian D. Noble. Modeling epidemic spreading in mobile environments. WiSE’05, September 2nd , 2005, Cologne, Germany.
[7] 3G Security Architecture (Release 5). http://www.3gpp.org/
[8] Mobile Boradband Wireless Access (MBWA). IEEE 802.20, http://www.ieee.org/
[9] Broadband Wireless Access (BBWA). IEEE 802.16, http://www.ieee.org/
[10] Bruno. R., Conti. M., Gregori. E.. Mesh Networks: Commodity Multihop Ad Hoc Networks. IEEE Communications Magazine. Vol.43 (2005): 123-131.
[11]朱建明.无线网络安全方法与技术研究.西安电子科技大学.博士学位论文, 2004.
[12]李兴华.无线网络中认证及密钥协商协议的研究.西安电子科技大学.博士学位论文, 2006.
[13] DM Kienzle and MC Elder. Recent worms: a survey and trends. Proceedings of the 2003 ACM workshop on. Rapid Malcode. The Wyndham City Center Washington DC, USA, ACM Press, 2003:1-10.
[14] Fred Cohen. Computer viruses: Theory and experiments. Computers and Security, 1987,6(1):22~35.
[15] Staniford S, Paxson V, Weaver N. How to own the Internet in your spare time. 11th Usenix Security Symposium, San Francisco, USENIX Association Berkeley, CA, USA, 2002:149-167.
[16]张运凯,王长广,王方伟,马建峰.“震荡波”蠕虫分析与防范.计算机工程. 2005, 31(18): 65-67
[17]王长广,王方伟,张运凯,马建峰.一种无尺度网络上垃圾邮件蠕虫的传播模型.计算机科学. 2007, 34(2):72-74.
[18]瑞星公司.红色代码II(Code RedII)病毒分析. http://it.rising.com.cn/newSite/Channels/ Anti_Virus/Antivirus_Base/TopicDatabasePackage/19-130600235.htm.
[19]郑辉. Internet蠕虫研究.南开大学博士学位论文. 2003.
[20] Eugene H. Spafford. The Internet worm program: an analysis. ACM ComputerCommunication Review. 1989, 19(1):17~57.
[21] Network Associates. Virus Glossary. http://mcafeeb2b.com/naicommon/avert/avert- researchcenter/ virus-glossary.asp, 2005.5.28.
[22]文伟平.恶意代码机理与防范技术研究.中科院软件所博士学位论文. 2005.
[23]张运凯.网络蠕虫传播与控制研究.西安电子科技大学博士学位论文. 2006.
[24] John F. Shoch, and Jon A. Hupp. The Worm Programs Early Experience with Distributed Computation. Communications of ACM, 1982, 25(3): 172-180.
[25]郑辉.恶意移动代码分析与研究. http://www.ccert.edu.cn/pub/doc/worm1.pdf. 2005.4.28
[26] Yang S. Relations M. NSF awards $5.46 million to UC Berkeley and USC to build test bed for cyber war games. http://www.berkeley.edu/news/media/releases/2003/10/15.
[27] Lemos, R. Year of the worm: Fast-spreading code is weapon of choice for Net vandals. CNET News.com, http://news.com.com/2009-1001-254061.html, 2001.3.5.
[28] CERT Coordination Center. Carnegie Mellon University. CERT/CC Statistics 1988-2005. http://www.cert.org/stats/cert_stats.html.
[29] Spafford EH. The Internet worm program: An analysis. Technical Report, CSD-TR-823, West Lafayette: Department of Computer Science, Purdue University. 1988:1~29.
[30] Weaver N. Potential strategies for high speed active worms: a worst case analysis. U.C. Berkeley BRASS group. http://www.cs.berkeley.edu/~nweaver/worms. pdf.
[31] Weaver N. Warhol worms: the potential for very fast Internet plagues. Proceedings of the 11th USENIX Security Symposium. http://www.cs.berkeley.edu/?nweaver/warhol.html.
[32] Kephart JO, Chess DM, White SR. Computers and epidemiology. IEEE Spectrum, 1993, 30(5):20~26.
[33] Kephart JO, White SR. Measuring and modeling computer virus prevalence. Proceedings of the 1999 IEEE Computer Society Symposium on Research in Security and Privacy. Oakland, California, 1993: 2~15.
[34]文伟平,卿斯汉,蒋建春等.网络蠕虫研究与进展.软件学报. 2004, 15(8): 1208~1218.
[35] Cliff C.Zou, Gong W, Towsley D. Code Red worm propagation modeling and analysis. Proceeding of the 9th ACM Conference on Computer and Communication Security. Washington, ACM Press, 2002: 138~147.
[36] Yang Wang, Chenxi Wang. Modeling the Effects of Timing Parameters on Virus Propagation. Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM 2003). Washington, ACM Press, 2003: 61-66.
[37] Y. Wang, D. Chakrabarti, C. Wang, and C. Faloutsos. Epidemic spreading in real networks: an eigenvalue viewpoint. Proceedings of the Symposium on Reliable Distributed Computing, Florence, Italy, 2003.10:25-34.
[38] S. Tanachaiwiwat, A. Helmy. VACCINE: war of the worms in wired and wireless networks. Tecnical Report CS 05-859, Computer Science Department, USC, 2005. http://www.cs.usc.edu/Research/TechReports/05-859.pdf.
[39] Robert G. Cole. Initial studies on worm propagation in MANETs for future army combat systems. 24th Army Science Conference Proceedings. Orlando, Florida, 2004: 247-258.
[40] Syed A. Khayam and Hayder Radha. Analyzing the spread of active worms over VANET. ACM Mobicom International Workshop on Vehicular Ad hoc Networks (VANET), Philadelphia, PA, USA , ACM Press, 2004: 86-87.
[41] Everett A., Kevin E. and Shane M., et al. Mobile contagion: simulation of infection & defense. Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, Washington, DC, USA, IEEE Computer Society, 2005: 80-87
[42] Syed A. Khayam and Hayder Radha. A topologically-aware worm propagation model for wireless sensor networks. IEEE ICDCS International Workshop on Security in Distributed Computing Systems (SDCS). 2005, (2): 210-216.
[43]王长广,沈玉龙,马建峰.一种蓝牙环境下恶意程序的传播模型.西安电子科技大学学报(自然科学版). 2009, (36)2: 94-98.
[44]王长广,马建峰.一种无线Ad hoc网络中恶意程序的传播模型.电子学报.2007, 12: 69-75.
[45] Chang-guang Wang, Xu Bai, Jian-feng Ma. Malicious code modeling and analysis in WiFi-based MANETs. IEEE Wicom’2008, 2008.10.
[46] Abdelmajid Khelil, Christian Becker, Jing Tian, Kurt Rothermel. An epidemic model for information diffusion in MANETs. MsWiM’02. Sep. 28, 2002. Atlanta, Georgia, USA.
[47] Jing Su, Kelvin K.W. Chan, Andrew G. Miklas, Kenneth Po, Ali Akhavan. A preliminary investigation of worm infections in Bluetooth environment. Proceedings of the 4th ACM workshop on Recurring malcode, 2006.
[48] Brett Stone-Gross, Christo Wilson, Kevin Almeroth, Elizabeth Belding. Malware in IEEE 802.11 Wireless Networks. Proceedings of 9th International Conference on Passive and Active Network Measurement (PAM 2008), LNCS 4979, Springer (2008), pp. 222–231.
[49] Streftaris G, Gibson GJ. Statistical inference for stochastic epidemic models. In: Proc. of the 17th Int’l Workshop on Statistical Modelling. Chania, 2002. 609~616.
[50] Frauenthal JC. Mathematical Modeling in Epidemiology. New York: Springer-Verlag, 1980.
[51] Chen Z, Gao L, Kwiat K. Modeling the spread of active worms. In: Proc. of the IEEE INFOCOM 2003. 2003.
[52] Esa Hyyti?, Pasi Lassila, and Jorma Virtamo. Spatial Node Distribution of the Random Waypoint Mobility Model with Applications. IEEE Trans. Mobile Computing, 2006.
[53] Steve W. Open problems in computer virus research. Proceedings of the 1998 Virus Bulletin Conference. Munich, Germany, 1999: 22-23.
[54] Esa Hyyti?, Pasi Lassila and Jorma Virtamo. A Markovian Waypoint Mobility Model with Application to Hotspot Modeling. In Proceedings of IEEE ICC 2006, June 2006.
[55] W. Navidi, T. Camp, and N. Bauer. Improving the accuracy of random waypoint simulations through steady-state initialization. In proceedings of the 15th international conference on modeling and simulation, 2004:319-326.
[56] Bluetooth. Specification of the Bluetooth system, 2006. http://www.bluetooth.org/foundry/ adopters/document/core_v2.0_EDR/en/1/Core_v2.0_EDR.zip.
[57] N. Abramsson. The ALOHA System- another Alternative for Computer Communications. FJCC in AFIPS Conference. 1970.
[58] J. Macker, M. Corson. Mobile Ad Hoc Networksing and the IETF Mobile Computing and Communications Review, 1998.
[59] J. Macker, S. Corson. RFC 2501. Mobile Ad hoc networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations. IETF, January 1999.
[60] M. Royer. A Review of Current Routing Protocols for Ad Hoc Mobile Wireless Networks. IEEE Personal Communication, 1999.
[61] C. Perkins. Terminology for Ad-hoc Networks. Internet draf-ietf-manet-terms-00.txt, Nov.1997.
[62] Z. Hass, et al. Wireless Ad Hoc Networks. IEEE Journal on Selected Areas in Communications, 1999.
[63] I. Stojmenovic. Handbook of wireless networks and mobile computing. John Wiley&Sons, Inc, 2002.
[64] L. Zhou, Z. Haas. Securing Ad hoc networks. IEEE network Magazine. 1999, 13(6).
[65] J. Hubaux, L.Buttyan, S. Capkun. The Quest for Security in Mobile Ad hoc Networks. In Proceedings of the ACM Symposium on Mobile Ad Hoc Networking and Computing, 2001.
[66] S. Maki. Security Fundamentals in Ad Hoc Networking. In Proceedings of the Helsinki University of Technology, Seminar on Internetworking- Ad Hoc networks, 2000.
[67] V. Karpijoki. Security in Ad Hoc Networks. In Proceedings of the Helsinki University of Technology, Seminars on Network Security, 2000.
[68]汪小帆,李翔,陈关荣.复杂网络理论及其应用[M].北京:清华大学出版社,2006. 72-98.
[69] Bettstetter C. On the connectivity of Ad-hoc networks. The Computer Journal, Special Issue on Mobile and Pervasive Computing. 2004, 47(4):432-437.
[70] Santi P, Blough D. The critical transmitting range for connectivity in sparse wireless ad hoc networks. IEEE Transactions on Mobile Computing, 2003, 1(2):25-29.
[71] Jose Nazario. Worm blog. http://www.wormblog.com/im_worms/
[72] Moreno Y, Pastor-Satorras R, Vespignani A. Epidemic outbreaks in complex heterogeneousnetworks. The European Physical Journal B. 2002, (26):521-529.
[73] F. Brauer, C. Castillo-Chavez. Mathematical models in population biology and epidemiology. Springer, ISBN 0-387-98902-1, 2000.
[74] S.Y. Ni, Y.C. Tseng, Y.S. Chen and J.P. Sheu. The broadcast storm problem in a mobile Ad hoc network. Int. Conf. on mobile computing and networking, 1999:151-162.
[75] K. Obraczka, G. Tsudik, and K. Viswanath. Pushing the limits of multicast in Ad hoc netwoks. Int. Conf. on DCS, 2001.
[76] K. Viswanath and K. Obraczka. An adaptive approach to group communications in multi-hop Ad hoc networks. MMT’99, 1999.
[77] Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (LR-WPANs). IEEE Standard, 802.15.4-2006.
[78] Mark Weiser, The Computer for the Twenty-First Century. Scientific American, September 1991: 94-100.
[79] http://www.cas.ac.cn/html/Dir/2003/08/28/0081.htm
[80] W. Manges, G. Allgood, and S. Smith. It’s Time for Sensors to Go Wireless. Part 1: Technological Underpinnings", Sensors Magazine, April, 1999.
[81] I.F. Akyildiz et al. Wireless sensor networks: a survey. Computer Networks, 2002, Vol.38 (2): 393-422.
[82]李晖.无线传感器网络安全技术研究.上海交通大学博士学位论文, 2007.
[83] D. W. Carman, P. S. Kruus and B. J. Matt. Constraints and Approaches for Distributed Sensor Network Security. September 1, 2000, NAI Labs Technical Report, 00-010.
[84] R. Min, et al. Low Power Wireless Sensor Networks. In the Proceedings of International Conference on VLSI Design. Bangalore, India, January 2001.
[85]王海涛,郑少仁. Ad hoc传感网络的体系结构及其相关问题.解放军理工大学学报(自然科学版). 2003, Vol. 4 (1).
[86] R. Shah and J. Rabaey. Energy Aware Routing for Low Energy Ad Hoc Sensor Networks. In the Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Orlando, FL, March 2002.
[87] A. Manjeshwar and D. P. Agrawal. TEEN: A Protocol for Enhanced Efficiency in Wireless Sensor Networks. In the Proceedings of the 1st International Workshop on Parallel and Distributed Computing Issues in Wireless Networks and Mobile Computing, San Francisco, CA, April 2001.
[88] A. Manjeshwar and D. P. Agrawal. APTEEN: A Hybrid Protocol for Efficient Routing and Comprehensive Information Retrieval in Wireless Sensor Networks. In the Proceedings of the 2nd Inter-national Workshop on Parallel and Distributed Computing Issues in WirelessNetworks and Mobile computing, Ft. Lauderdale, FL, April 2002.
[89] Zhong S, Chen J , Yang Y R.. Sprite: A simple, cheatproof, credit-based system for mobile ad-hoc networks. In Proceedings of IEEE INFOCOM, 2003, 3: 1987-1997.
[90] Buttyan L , Hubaux J P. Stimulating cooperation in self-organizing mobile ad hoc networks ACM/Kluwer Mobile Networks and Applications, 2003, 8(5): 579-592.
[91] R. Nagpal, H. Shrobe, and J. Bachrach. Organizing a global coordinate system from local information on an ad hoc sensor network. In IPSN’03, 2003.
[92] A. Nasipuri and K. Li. A directionality based location discovery scheme for wireless sensor networks. In Proceedings of ACM WSNA’02, September 2002.
[93] T. S. Rappaport. Wireless Communications: Principles and Practice. Prentice-Hall, 2nd ed., December 2001.
[94] P. Gupta and P. R. Kumar. The Capacity of Wireless Networks. IEEE Transactions on Information Theory, vol. 46, March 2000.
[95] C. E. Perkins, E. M. Royer, and S. Das. Ad Hoc On-Demand Distance Vector (AODV) Routing. RFC 3561, February 1999.
[96] J. Broch and D. B. Johnson. The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks. IETF Internet Draft, July 2004.
[97] C. Shannon and D. Moore. The Spread of the Witty Worm. IEEE Security & Privacy, vol. 2, no. 4, July/August 2004.
[98] N. T. J. Bailey. The Mathematical Theory of Infectious Diseases and Its Applications. Charles Griffin & Co. Ltd.: London, 1975.
[99] B. P. Lathi. Signal Processing and Linear Systems. Berkeley-Cambridge Press, 1998.
[100] R250 Random Number Generator Webpage. http://www.taygeta.com/random.xml
[101] N. Zierler and J. Brillhart. On Primitive Trinomials (mod 2). Information and Control, 1968, vol. 13(6): 541–554.
[102] N. Zierler and J. Brillhart. On Primitive Trinomials (mod 2) II. Information and Control, 1969, vol. 14(6): 566–569.
[103] G. E. P. Box and M .E. Muller. A Note on the Generation of Random Normal Deviates. Annals Math. Stat, 1958, vol. 29: 610–611.
[104] P. De, Y. Liu, and S.K. Das. Modeling Node Compromise Spread in Wireless Sensor Networks Using Epidemic Theory. International Workshop on Wireless Mobile Multimedia, 2006: 237-243.
[105] The Network Simulator - ns-2. http://www.isi.edu/nsnam/ns/index.html.
[106] G. Yan and S. Eidenbenz. Bluetooth Worm: Models, Dynamics, and Defense Implications. ACSAC’06, Miami, FL, Dec. 2006, pp. 245-256.
[107] Bluetooth Evolution-Opportunities and Challenges. http://www.imsresearch.com/product/ wireless. asp.
[108] Bluetooth SIG,Specification of the Bluetooth system. Baseband specification. Version 1.0. http://www.bluetooth.com/.
[109]丛延奇,徐艳,纪明宁.蓝牙技术安全性分析与安全策略.自动化技术与应用. 2003, 22(7): 35-39.
[110]于国良.蓝牙网络若干安全性问题研究.信息工程大学.军事学博士学位论文, 2006.
[111] J. Bray and C. Sturman. Bluetooth: Connect Without Cables. Prentice Hall, December 2000.
[112] A. Busboom, I. Herwono, M. Schuba, and G. Zavagli. Unambiguous device identification and fast connection setup in Bluetooth. In Proceedings of the European Wireless 2002, Florence, Italy, 2002.
[113] B. S. Peterson. Device Discovery in Frequency Hopping Wireless Ad Hoc Networks. PhD thesis, Air Force Institute of Technology, 2004.
[114] Specification of the Bluetooth system: Core, version 1.1, February 2001.
[115] J. N. Daigle. Queueing Theory with applications to Packet Telecommunication. Springer, 2005.
[116] G. Yan and S. Eidenbenz. Modeling propagation dynamics of Bluetooth worms. Technical Report LA-UR-06-8586, Los Alamos National Laboratory, 2006.
[117] http://www.gnu.org/software/octave/.
[118] http://www.ececs.uc.edu/ cdmc/ucbt/ucbt.html.
[119]俞波.无线自组网若干安全问题研究.复旦大学博士学位论文, 2006.
[120] T. S. Rappaport. Wireless Communications: Principles and Practice. Prentice-Hall, 2nded., December 2001.
[121] W. Leutzbach. Introduction to the Theory of Traffic Flow. Springer: Verlag, 1988.
[122] H. Hartenstein, B. Bochow, A. Ebner, M. Lott, M. Radimirsch and D. Vollmer. Position Aware Ad hoc Wireless Networks for Inter-Vehicle Communications: the Fleetnet Project. ACM MobiHoc, October 2001.
[123] C. Bettstetter and C. Hartmann. Connectivity of Wireless Multihop Networks in a Shadow Fading Environment. ACM MSWiM, September 2003.
[124] R. Hekmat and P. Van Mieghem. Study of Connectivity in Wireless Ad hoc Networks with an Improved Radio Model. WiOpt, March 2004.
[125] M. Grossglauser and D. N. C. Tse. Mobility Increases the Capacity of Ad Hoc Wireless Networks. IEEE/ACM Trans. on Networking, 2002, vol. 10(4):477-486.
[126] P. Gupta and P. Kumar. The Capacity of Wireless Networks. IEEE Trans. on Information Theory, 2000, vol. 46(3): 388–404.
[127] H. Andersson and T. Britton. Stochastic Epidemic Models and Their Statistical Analysis. Springer: Verlag, 2000.
[128] J. O. Kephart and S. R. White. Directed-Graph Epidemiological Models of ComputerViruses. IEEE ISSP, 1991.
[129] J. O. Kephart and S. R. White. Directed-Graph Epidemiological Models of ComputerViruses. IEEE ISSP, 1991.
[130] Communications of the ACM, vol. 32, no. 6, pp. 678–698, 1989 and vol. 25, no. 3, pp.172–180, 1982.
[131] D. Moore, C. Shannon, and D. Brown. Code-Red: A Case Study on the Spread and Victims of an Internet Worm. ACM Sigcomm, 2002.
[132] Proceedings of ACM WORM 2003.
[133] Network Security Session, IEEE Infocom, 2003.
[134] M. S. Bartlett. Some Evolutionary Stochastic Processes. J. Roy. Statistic. Soc., B 11, 1949: 211-229.
[135] eEye Digital Security, http://www.eeye.com/html/.
[136] Trusecure, http://www.trusecure.com/.
[137] Common Vulnerabilities and Exposures (CVE), http://www.cve.mitre.org.
[138] Bo Sun, Guanhua Yan, Yang Xiao. Worm Propagation Dynamics in Wireless Sensor Networks. ICC’08, May 2008. 1541– 1545.