A Network Worm Vaccine Architecture
The ability of worms to spread at rates that effectively preclude human-directed reaction has elevated them to a first-class security threat to distributed systems. The authors present the first reaction mechanism that seeks to automatically patch vulnerable software. The system employs a collection of sensors that detect and capture potential worm infection vectors. The authors automatically test the effects of these vectors on appropriately instrumented sandboxed instances of the targeted application, trying to identify the exploited software weakness.