Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Journal ArticleDOI
Towards Industrial Intrusion Prevention Systems: A Concept and Implementation for Reactive Protection
TL;DR: A concept for reactive protection that integrates the automatic execution of active responses that do not influence the operation of the underlying Industrial Automation System and also proposes a set of reactive actions that can be taken in the presence of intrusions in order to counteract them or diminish their effects.
Journal ArticleDOI
Detector SherLOCK: Enhancing TRW with Bloom filters under memory and performance constraints
TL;DR: A new scanning detection scheme, SherLOCK, based on the connection attempt success ratio is proposed, which can detect scanners with guaranteed false positive and false negative probabilities and with a limited memory size.
Journal ArticleDOI
Statistical cross-relation approach for detecting TCP and UDP random and sequential network scanning SCANS
TL;DR: This paper presents a statistical ‘cross-relation’ approach for detecting network scanning and identifying its targets that was more effective in detecting TCP and UDP scanning than the existing approaches, and it provided better detection accuracy.
Journal Article
A Traffic Signature-based Algorithm for Detecting Scanning Internet Worms
TL;DR: In this paper, it is shown that the proposed method can detect traffic signature for MSBlaster worm and is shown to be able to reduce the number of false alarm.
Journal Article
An anti-worm with balanced tree based spreading strategy
TL;DR: In this article, a balanced tree based propagation strategy (BTP) was proposed for an anti-worm strategy with a mathematic model, and the results show that the new strategy is effective and feasible.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.