Realistic modeling of worm spread is crucial if we wish to predict the real-world efficacy of different worm counter-measures. Ideally, such modeling should be able to handle different types of malcode, multiple defenses, and realistic network topologies and limitations. Due to the complexity of the interactions between entities in the network, accurate analytical solutions are extremely difficult to derive. A more tractable approach to the problem is Monte-Carlo simulation. Most such simulators are custom built to simulate the spread of a particular worm and are not easily extendible to other malcode or topology simulations. While general purpose simulators, like GTNetS or ns2, are capable of simulating arbitrary network topologies and actors, they are too granular for our purposes and therefore too CPU intensive for large network simulation. To overcome these limitations, we designed Hephaestus, a simulator which is capable of simulating arbitrary network and application topologies and custom actors. We validate our simulator by modeling the well known spread of the worm, Code-Red I v2. Finally, we conclude by discussing the potential for future work based upon our simulator.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	M. Avalos, P. Hellard, and J.-C. Chatard. Modeling the training-performance relationship using a mixed model in elite swimmers. Medicine & Science in Sports & Exercise, 35(5):838--846, May 2003.
	2	Shigang Chen , Yong Tang, Slowing Down Internet Worms, Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04), p.312-319, March 24-26, 2004
	3	Z. Chen, L. Gao, and K. Kwait. Modeling the spread of active worms. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, 3:1890--1900, March 2003.
	4	J. O. Kephart and S. R. White. Directed-graph epidemiological models of computer viruses. In Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, pages 343--359, 1991.
	5	D. Moore and C. Shannon. Caida analysis of code-red, 2001. http://www.caida.org/analysis/security/code-red/.
	6	David Moore , Colleen Shannon , k claffy, Code-Red: a case study on the spread and victims of an internet worm, Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment, November 06-08, 2002, Marseille, France  [doi>10.1145/637201.637244]
	7	Attila Ondi, A drawback of current anti-virus simulations: the need for background traffic, Proceedings of the 44th annual Southeast regional conference, March 10-12, 2006, Melbourne, Florida  [doi>10.1145/1185448.1185609]
	8	George F. Riley , Monirul I. Sharif , Wenke Lee, Simulating Internet Worms, Proceedings of the The IEEE Computer Society's 12th Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems (MASCOTS'04), p.268-274, October 04-08, 2004
	9	C. B. Shirey. Modeling the spread and prevention of malicious mobile code via simulation. Master's thesis, Florida Institute of Technology, 2004.
	10	Sumeet Singh , Cristian Estan , George Varghese , Stefan Savage, Automated worm fingerprinting, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.4-4, December 06-08, 2004, San Francisco, CA
	11	Robin Sommer , Vern Paxson, Exploiting Independent State For Network Intrusion Detection, Proceedings of the 21st Annual Computer Security Applications Conference, p.59-71, December 05-09, 2005  [doi>10.1109/CSAC.2005.24]
	12	Stuart Staniford , Vern Paxson , Nicholas Weaver, How to Own the Internet in Your Spare Time, Proceedings of the 11th USENIX Security Symposium, p.149-167, August 05-09, 2002
	13	Hongsuda Tangmunarunkit , Ramesh Govindan , Sugih Jamin , Scott Shenker , Walter Willinger, Network topology generators: degree-based vs. structural, Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications, August 19-23, 2002, Pittsburgh, Pennsylvania, USA
	14	T. Vogt. Simulating and optimising worm propagation algorithms. Technical report, Security Focus, 2003.
	15	S. Wei, J. Mirkovic, and M. Swany. Distributed worm simulation with a realistic internet model. In Proceedings of the 2005 Symposium on Modelling and Simulation of Malware, 2005.
	16	M. M. Williamson and J. Lévillé. An epidemiological model of virus spread and cleanup. In Proceedings of the Virus Bulletin Conference, 2003.