Security Concerns in Worm Containment Using Vigilante

With the Internet taking increasingly integral role in the everyday lives, the researchers are struggling to leverage all more sophisticated technologies for fighting malicious software. A prototype system called Vigilante was recently proposed as a solution to Internet worm containment. Novel and complicated ideas for distribution, detection and countermeasures were demonstrated. This paper analyses and discusses different security issues and trade-offs in the solution. The authors discuss peer-to-peer distribution concerns, the trust placed in distributed alerts, end-host security with virtual machines and counter attacks against the system. They show that although the system is very well thought out, there is still room for improvement and more research for a complete product.