Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Proceedings ArticleDOI
Optimal position searching for automated malware signature generation
TL;DR: A method of searching the optimal area in a PE file for an automated malware signature generation and showing the results and the extracted signature's performance from the selected area with the real malwares.
Proceedings ArticleDOI
Malicious objects propagation dynamics in the network
TL;DR: An attempt is made to develop a discrete-time “Susceptible-Attacked-Infectious-Non-infectious (SAIN)” model for computer infection with the aim of estimating parameters such as time of attack, incubation time, and mean infection time by using probabilistic approach.
Posted Content
Selfish Response to Epidemic Propagation
TL;DR: In this article, the authors studied the equilibrium states reached by a network whose members increase (resp. decrease) their security deployment when learning that the network infection is widespread, and they found that the equilibrium level of infection increases as the learning rate of the members increases.
Towards classifying and selecting appropriate security visualization techniques
TL;DR: This thesis analyzes three common classes of network attacks that security analysts encounter and uses a task-based methodology to assess the usability, insight gained and overall usefulness of visualization tools for specific classes of attacks.
Analytical Characterization of Internet Security Attacks.
TL;DR: This thesis proposal designs and implements a covert timing channel over TCP/IP networks, and is able to quantify the achievable data rate of such a covert channel, by sacrificing data rate, which makes detecting such communication virtually impossible.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.