Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
A statistical framework for analyzing cyber attacks
TL;DR: This paper presents a meta-modelling framework that automates the very labor-intensive and therefore time-heavy and therefore expensive and expensive process of manually cataloging and cataloging the components of a cyber attack.
Proceedings ArticleDOI
A novel response-oriented attack classification
TL;DR: This work offers a generic attack description to classify, help identify and defend against computer and network attacks, and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms.
Proceedings ArticleDOI
One size does not fit all: 10 years of applying context-aware security
TL;DR: What exactly is meant by context, why it is difficult to measure, and what one can do with context when it is available are explained and some ideas about the future of context-aware security are concluded.
Journal ArticleDOI
Distributed Denial of Service (DDoS): A History
TL;DR: Distributed Denial of Service (DDoS) attacks as mentioned in this paper exploit the fact that the Internet lacks centralized access control and exploit the vulnerability of the early Internet to DDoS attacks.
Behavioral Footprinting: A New Dimension to Characterize Self-Propagating Worms
Xuxian Jiang,Dongyan Xu +1 more
TL;DR: This paper proposes and justifies a new dimension, behavioral footprinting, which characterizes a worm’s unique behavior during each infection session, which covers the probing, exploitation, and replication phases of the infection session.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.