Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Journal ArticleDOI
An Enhanced Automated Signature Generation Algorithm for Polymorphic Malware Detection
TL;DR: A novel enhanced automated signature generation (EASG) algorithm to detect polymorphic malware is proposed, composed of enhanced-expectation maximum algorithm and enhanced K-means clustering algorithm.
Proceedings ArticleDOI
Comparative Study between Analytical Models and Packet-Level Worm Simulations
TL;DR: This work studies the worm propagation pattern predicted by one particular analytical model and compares it to packet-level simulations in the simulation models, which can take into account realistic network characteristics that include, queuing delay, packet-loss, link delays and also realistic worm characteristics at the expense of additional computational complexity.
Journal ArticleDOI
Peer to Peer Networks for Defense Against Internet Worms
Srinivas Shakkottai,R. Srikant +1 more
TL;DR: It is shown that by exploiting the exponential data dissemination capability of P2P systems, the spread of worms can be halted effectively and the maximum number of infected hosts are stopped.
Journal ArticleDOI
Multi-level Network Resilience: Traffic Analysis, Anomaly Detection and Simulation
Angelos K. Marnerides,Cyriac James,Alberto Schaeffer-Filho,Saad Y. Sait,Andreas Mauthe,Hema A. Murthy +5 more
TL;DR: The notion of multi-level network resilience is proposed, in order to provide a more robust traffic analysis and anomaly detection architecture, combining mechanisms and algorithms operating in a coordinated fashion both in the edge and in the core networks.
Journal ArticleDOI
Darknet-Based Inference of Internet Worm Temporal Characteristics
Qian Wang,Zesheng Chen,Chao Chen +2 more
TL;DR: This work applies statistical estimation techniques and proposes method of moments, maximum likelihood, and linear regression estimators and shows analytically and empirically that these estimators can better infer worm temporal characteristics than a naive estimator that has been used in the previous work.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.