Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Proceedings Article
Can we contain Internet worms
TL;DR: Preliminary results are presented showing that Vigilante can effectively contain fast spreading worms that exploit unknown vulnerabilities, and is proposed as a new host centric approach for automatic worm containment.
Proceedings ArticleDOI
Access for sale: a new class of worm
TL;DR: A new type of worm is introduced that enables a division of labor in the authors of self-reproducing malware, installing a back door on each infected system that opens only when presented a system-specific ticket generated by the worm's author.
Proceedings ArticleDOI
An empirical study of malware evolution
TL;DR: A novel graph pruning technique is developed to establish the inheritance relationships between different instances of malcode based on temporal information and key common phrases identified in the malcode descriptions.
Proceedings ArticleDOI
On the effectiveness of automatic patching
Milan Vojnovic,Ayalvadi Ganesh +1 more
TL;DR: The use of filtering in combination with patching is evaluated and it is demonstrated that it can substantially improve worm containment and accommodate a variety of overlays by a novel abstraction of minimum broadcast curve.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.