NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
A General Methodology for Deriving Network Propagation Models of Computer Worms
Published
Author(s)
Shuvo Bardhan, Douglas C. Montgomery, James J. Filliben, Nathanael A. Heckert
Abstract
Externally-launched computer worms which maliciously propagate within networks are one of the most serious and dangerous security threats facing the commercial, political, military, and research community today. With an eye to the ultimate goal of detection and prevention of such worms, this paper addresses the preliminary step of constructing a predictive model for worm propagation. For this model we have chosen 3 fundamental factors known to affect worm propagation: size of the network IP space, proportion of the IP space with susceptible hosts, and rate at which an infected host scans other vulnerable hosts. This paper presents in detail the methodology (simulator construction + data generation + 2 sequential fitting steps) for constructing similar such general models; this methodology will have application across a variety f worm modeling scenarios. For demonstration purposes (and with no loss of generality), we apply this methodology to a 3-factor Class B network and derive a high quality (error
Bardhan, S.
, Montgomery, D.
, Filliben, J.
and Heckert, N.
(2019),
A General Methodology for Deriving Network Propagation Models of Computer Worms, Technical Note (NIST TN), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.TN.2035
(Accessed October 9, 2025)