Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Journal ArticleDOI
Mitigating denial of service attacks: a tutorial
TL;DR: This tutorial describes what Denial of Service (DOS) attacks are, how they can be carried out in IP networks, and how one can defend against them.
Book ChapterDOI
Seurat: A Pointillist Approach to Anomaly Detection
TL;DR: This paper proposes a new approach to detecting aggregated anomalous events by correlating host file system changes across space and time, and develops a method to detect similar, coincident changes to the patterns of file updates that are shared across multiple hosts.
Journal ArticleDOI
EiSIRS: a formal model to analyze the dynamics of worm propagation in wireless sensor networks
TL;DR: Simulation results show that the process of worm propagation in WSNs is sensitive to the energy consumption of nodes and the sleep and work interleaving schedule policy for nodes, and this paper provides new insights for the dynamics of worm propagate in W SNs.
Proceedings ArticleDOI
Design and implementation of an extrusion-based break-in detector for personal computers
TL;DR: A host based system, BINDER (Break-IN DEtectoR), to detect break-ins by capturing user unintended malicious outbound connections and infer user intent at the process level under the assumption that user intent is implied by user-driven input.
Patent
Privacy enhanced error reports
TL;DR: In this article, the authors describe methods and apparatus for generating error reports with enhanced privacy in an embodiment where the error is triggered by an input to a software program and an error report is generated by identifying conditions on an input, which ensure that, for any input which satisfies the conditions, the software program will follow the same execution path such that the error can be reproduced.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.