Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Dissertation
Inferring malicious network events in commercial ISP networks using traffic summarisation
TL;DR: This thesis suggests that the use of summary statistics, gathered over a num- ber of packets, is a sensible and effective way of coping with high data rates, and a methodology for discovering which metrics are appropriate for classifying network events using statistical summaries is presented.
Proceedings ArticleDOI
PID: A Queue Management Scheme for Improving Network Resilience Under Worm Attacks
TL;DR: PID (per inefficiency dropping), a queue management scheme that can not only preserve bandwidth for normal traffic when a worm is spreading fast but also significantly reduce the spreading rate of the worm.
Proceedings Article
The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle.
Book ChapterDOI
Comparative Study and Numerical Analysis
TL;DR: This chapter provides an extensive literature review on identifying the propagation source of malicious attacks by tracing research trends and hierarchically reviewing the contributions along each research line regarding identifying the propagate source ofmal attacks.
Book ChapterDOI
Security architecture for virtual machines
TL;DR: It is shown that the proposed security architecture based on virtual machine monitor is capable of detecting suspicious processes running in the virtual machine, can detect and prevent different types of attacks including zero day attacks by monitoring thevirtual machine traffic and the processes that are generating or receiving the traffic.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.