Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Book
Foundations of Security: What Every Programmer Needs to Know
TL;DR: Using web servers and web applications as running examples throughout, this comprehensive guide helps you manage risk due to insecure code and build trust with users by showing how to write code to prevent, detect, and contain attacks.
Journal ArticleDOI
On the race of worms, alerts, and patches
Milan Vojnovic,Ayalvadi Ganesh +1 more
TL;DR: An analytical framework is provided to quantify the speed of patch or alert dissemination required for worm containment and provides quantitative estimates that can guide system designers in dimensioning automatic patching systems.
Proceedings ArticleDOI
Preliminary results using scale-down to explore worm dynamics
TL;DR: This work develops a series of abstract models approximating Slammer's Internet propagation and demonstrates that such modeling appears to require incorporating both heterogeneous clustering of infectibles and heterogeneous access-link bandwidths connecting those clusters to the Internet core.
Journal ArticleDOI
An Automated Signature-Based Approach against Polymorphic Internet Worms
Tang Yong,Chen Shigang +1 more
TL;DR: This paper proposes a new worm signature, called the position-aware distribution signature (PADS), which fills the gap between traditional signatures and anomaly-based intrusion detection systems and performs extensive experiments to demonstrate the effectiveness of PADS in separating new worm variants from normal background traffic.
Journal ArticleDOI
The Dynamics of Internet Traffic: Self-Similarity, Self-Organization, and Complex Phenomena
TL;DR: This paper is a review of the complex dynamics of Internet traffic from both the network engineering and physics perspectives showing the strengths and weaknesses as well as insights of both.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.