An analysis of the witty outbreak: exploiting underlying structure for detailed reconstruction of an internet-scale event
Citations
1,377 citations
Cites methods from "An analysis of the witty outbreak: ..."
...…et al. [29] identify users in the anonymized Netflix datasets via correlation with their public reviews in a separate database; and Kumar et al. [30] determine from lossy and remote packet traces the number of disks attached to systems infected by the “Witty” worm, as well as their uptime to…...
[...]
464 citations
Cites background from "An analysis of the witty outbreak: ..."
...This provides flexible fine grain access control and eliminates the need for more complex ad-hoc mechanisms....
[...]
364 citations
Cites background from "An analysis of the witty outbreak: ..."
...show how a broad range of details of the Witty worm outbreak can be infer red using information about that malware’s random number generator [24]....
[...]
353 citations
Cites background from "An analysis of the witty outbreak: ..."
...Simplifying the host software also decreases the chance that it could contain exploitable vulnerabilities [15, 30]....
[...]
162 citations
Cites methods from "An analysis of the witty outbreak: ..."
...…is application-protocol parsers that translate packet streams into high-level representations of the traf.c, on top of which we can then use measurement scripts that manipulate semantically meaningful data elements such as HTTP content types or Email senders/recipients, instead of raw IP packets....
[...]
References
6,547 citations
"An analysis of the witty outbreak: ..." refers background or methods in this paper
...Implementing good PRNGs is a complicated task [8], especially when constrained by limits on code size and the difficulty of incorporating linkable libraries....
[...]
...Neither of these reasons actually requires the kind of good randomness provided by following Knuth s advice of picking only the higher order bits....
[...]
...Knuth s advice applies when uniform randomness is the desired property, and is valid only when a small number of random bits are needed....
[...]
...This was rec ommended by Knuth [8], who showed that the high order bits are more random than the lower order bits returned by the LC PRNG....
[...]
...This was recommended by Knuth [8], who showed that the high order bits are “more random” than the lower order bits returned by the LC PRNG....
[...]
1,444 citations
1,377 citations
1,255 citations
1,070 citations