Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Journal ArticleDOI
Towards Situational Awareness of Large-Scale Botnet Probing Events
TL;DR: This work investigates ways to analyze collections of malicious probing traffic in order to understand the significance of large-scale “botnet probes,” and designs schemes to extrapolate the global properties of scanning events as inferred from the limited local view of a honeynet.
Book ChapterDOI
Collecting autonomous spreading malware using high-interaction honeypots
TL;DR: This paper presents an integrated toolkit called HoneyBow, which is able to collect autonomous spreading malware in an automated manner using high-interaction honeypots and demonstrates the capability of collecting new malware via a case study of a certain bot.
Proceedings ArticleDOI
Self-stopping worms
TL;DR: This paper shows that such "self-stopping" capabilities are trivial to add to existing worms, and can be efficiently implemented without any explicit coordination or additional network traffic.
Patent
Method and system for troubleshooting a misconfiguration of a computer system based on configurations of other computer systems
TL;DR: In this article, a method and system for identifying a configuration parameter of a "sick" computer system that is at fault for causing an undesired behavior based on analysis of configuration parameters from other computer systems is provided.
Book ChapterDOI
Cooperative automated worm response and detection immune ALgorithm(CARDINAL) inspired by t-cell immunity and tolerance
TL;DR: It is shown how the three central T-cell processes, namely T- cell maturation, differentiation and proliferation, naturally map into this domain and further illustrate how such an algorithm fits into a complete immune inspired computer security system and framework.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.