Abstract: The P2P-based worm is a kind of malicious code that takes advantage of P2P system to propagate. Because hosts in P2P system maintain a lot of neighbors list, infected hosts in P2P systems can easily propagate the worms to its neighbors. It can spread with high speed, which would lead to network congestion. This paper addresses the issue by analyzing the theory of P2P worm’s propagation and presents a mathematical model that takes into account bandwidth and the time of treatment response. In particular, it studies bandwidth affecting the worm propagation in the aspects of saturation and congestion. Furthermore, it studies the measure of defense based on the propagating model. From the simulation experiment, it can describe the process of worm’s propagation in a P2P system.

Key words: Worms, Peer-to-peer (P2P) system, Propagation model, Defense measure

摘要： P2P蠕虫是利用P2P机制进行传播的恶意代码。通过P2P节点的共享列表，蠕虫很容易获得攻击目标的信息，所以其爆发时传播速度很快，这种大量的快速传播导致的直接后果是网络阻塞。该文分析蠕虫在P2P网络中的传播原理，在经典病毒传播模型基础上提出了考虑带宽及治愈响应起始时间因素的蠕虫传播模型，从带宽饱和与阻塞两个方面分析带宽对蠕虫传播的影响，在此基础上分析了蠕虫的防御措施。通过模拟实验，该模型能够较真实地描述蠕虫大规模爆发时引起带宽拥塞的情况。

关键词: 蠕虫, P2P系统, 传播模型, 防御措施