Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Proceedings ArticleDOI
Can you infect me now?: malware propagation in mobile phone networks
TL;DR: The speed and severity of random contact worms in mobile phone networks are evaluated, the denial-of-service effects such worms could have on the network are characterized, approaches to accelerate malware propagation are investigated, and the implications of defending networks against such attacks are discussed.
Proceedings ArticleDOI
Toward understanding distributed blackhole placement
TL;DR: This paper extends previous work characterizing traffic seen at specific unused address blocks by examining differences observed between these blocks, using a network of blackhole sensors part of the Internet Motion Sensor (IMS) collection infrastructure.
Proceedings Article
Privacy-preserving sharing and correction of security alerts
TL;DR: This work presents a practical scheme for Internet-scale collaborative analysis of information security threats which provides strong privacy guarantees to contributors of alerts, and proposes a set of data sanitization techniques and correlation, while maintaining privacy for alert contributors.
Proceedings Article
Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software
TL;DR: VSEF is an execution-based filter which filters out attacks on a specific vulnerability based on the vulnerable program’s execution trace which achieves a lower error rate and wider applicability than input filters and has better performance than full execution monitoring.
Proceedings ArticleDOI
Bouncer: securing software by blocking bad input
TL;DR: Bouncer introduces a new form of program slicing that uses a combination of static and dynamic analysis to remove unnecessary conditions from the filter and symbolic summaries for common library functions that characterize their behavior succinctly as a set of conditions on the input.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.