The objective of this research was to discover and define the characteristics a benevolent computer worm would have in order to reduce the risks of such a tool as a method to combat against computer security threats. Prominent malicious and benevolent computer worms were studied as well as the ethical and legal aspects of benevolent worms. A set of desired characteristics for a benevolent worm framework, as well as how those characteristics help to mitigate risk, was developed. A benevolent worm was created and tested in an environment with exploitable systems to demonstrate the feasibility of using a benevolent worm to patch and protect systems without causing excessive consumption of network resources and to provide accountability through logs. The conclusion reached was that it was feasible to construct a benevolent worm such that the benefits to the community (or network) as a whole in securing it outweighed the risks.
展开▼
