Journal ArticleDOI
Inside the Slammer worm
David Moore,Vern Paxson,Stefan Savage,Colleen Shannon,Stuart Staniford,Nicholas Weaver +5 more
- Vol. 1, Iss: 4, pp 33-39
TLDR
The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?Abstract:
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what new challenges do this new breed of worm pose?.read more
Citations
More filters
Proceedings ArticleDOI
Exact Modeling of Propagation for Permutation-Scanning Worms
TL;DR: A mathematical model is proposed that precisely characterizes the propagation patterns of the permutation-scanning worms and is used to verify the numerical results from the model, and demonstrate how the model can be used to study the impact of various worm/network parameters on the propagation.
Journal ArticleDOI
A Coordinated Worm Detection Method Based on Local Nets
TL;DR: Experimental results show that this approach is promising for it can quickly find worm intrusion in local nets and extract unknown worm signatures that can be used for IDS (intrusion detection system) or firewall to prevent more worm threats.
Hitlist Worm Detection using Source IP Address History.
TL;DR: A new worm detection scheme, History-based IP Worm Detection, that can detect hitlist worms and uses the difference in the distribution of source addresses between regular users and scanning hosts to distinguish between worm probes and normal accesses.
Proceedings ArticleDOI
Behavioural Observation for Critical Infrastructure Security Support
TL;DR: In this work, the design for Behavioural Observation for Critical Infrastructure Security Support (BOCISS) is presented and an outline of the system architecture is presented.
Journal ArticleDOI
Longitudinal analysis of a large corpus of cyber threat descriptions
TL;DR: This paper process and analyze two of Symantec’s online threat description corpora, finding that the prevalence of different threat types such as worms and viruses in the corpora varies considerably over time.
References
More filters
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
How to Own the Internet in Your Spare Time
TL;DR: This work develops and evaluates several new, highly virulent possible techniques: hit-list scanning, permutation scanning, self-coordinating scanning, and use of Internet-sized hit-lists (which creates a flash worm).
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.
Proceedings ArticleDOI
Internet quarantine: requirements for containing self-propagating code
TL;DR: The design space of worm containment systems is described using three key parameters - reaction time, containment strategy and deployment scenario - and the lower bounds that any such system must exceed to be useful today are demonstrated.
Journal ArticleDOI
Inferring Internet denial-of-service activity
TL;DR: In this paper, the authors present a new technique, called backscatter analysis, that provides a conservative estimate of worldwide denial-of-service activity, and quantitatively assess the number, duration and focus of attacks, and qualitatively characterize their behavior.