Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Proceedings ArticleDOI
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
TL;DR: In this paper, the authors propose techniques for automatic patch-based exploit generation, and show that their techniques can automatically generate exploits for 5 Microsoft programs based upon patches provided via Windows Update.
Proceedings ArticleDOI
Glacier: highly durable, decentralized storage despite massive correlated failures
TL;DR: Glasgow is described, a distributed storage system that relies on massive redundancy to mask the effect of large-scale correlated failures and is used as the storage layer for an experimental serverless email system.
Proceedings Article
The Internet Motion Sensor - A Distributed Blackhole Monitoring System.
TL;DR: The Internet Motion Sensor is introduced, a globally scoped Internet monitoring system whose goal is to measure, characterize, and track threats and the architectural tradeoffs are explored in the context of a 3 year deployment across multiple dark address blocks ranging in size from /24s to a /8.
Book ChapterDOI
Fast Detection of Scanning Worm Infections
TL;DR: The results show that this two-pronged approach successfully restricts the number of scans that a worm can complete, is highly effective, and has a low false alarm rate.
Proceedings ArticleDOI
A Taxonomy of Botnet Structures
TL;DR: This work proposes a taxonomy of botnet structures, based on their utility to the botmaster, and proposes key metrics to measure their utility for various activities (e.g., spam, ddos).
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.