Attila Ondi

Date of Award


Document Type


Degree Name

Doctor of Philosophy (PhD)


Computer Engineering and Sciences

First Advisor

Richard A. Ford

Second Advisor

Ronaldo P. Menezes

Third Advisor

William H. Allen

Fourth Advisor

Mark B. Bush


The automated spread of worms such as Code-Red, SQL/Slammer, and Nimda have caused costly problems to computers connected to the Internet. Even users whose machines were not vulnerable to these threats suffered a loss of productivity and experienced great frustration as connectivity and network traffic were negatively impacted during outbreaks. Although the number of new worm attacks reported in the media seems to be declining, it is vital that researchers study the effects of malicious code on the global network to understand how to defend against future threats. The choice of system for studying the spread of worms and viruses in this work was Hephaestus, a discrete-event network simulator, developed during the course of this dissertation. Several experiments on self-replicating malicious computer code including the validation of the simulator through a study of the spread of Code-Red, efficiently defending against email-based worms, and distributing policy information in an enterprise network have been performed. This dissertation reports the results of these experiments as well as a theoretical insight concerning spread metrics and how the damage caused by malicious code should be measured.


Copyright held by author.