PID: A Queue Management Scheme for Improving Network Resilience Under Worm Attacks

In this paper, we propose PID (per inefficiency dropping), a queue management scheme that can not only preserve bandwidth for normal traffic when a worm is spreading fast but also significantly reduce the spreading rate of the worm. PID preferentially drops packets of inefficient applications that generate large numbers of invalid packets according to the bandwidth impact of the invalid packets. Thus bandwidth can be preserved for normal efficient applications. Simulations show that PID can significantly slow the propagation of scanning worms. They also show that worm traffic only has limited impact on normal traffic even after all vulnerable nodes in the simulated network have been infected.