scispace - formally typeset
Open AccessBook

The Internet worm incident

Eugene H. Spafford
- pp 203
TLDR
On the evening of 2 November 1988, someone “infected” Internet with a worm program that exploited flaws in utility programs in systems based on BSD-derived versions of Unix to break into machines and copy itself, thus infecting those systems.
Abstract
On the evening of 2 November 1988, someone “infected” Internet with a worm program. That program exploited flaws in utility programs in systems based on BSD-derived versions of Unix. The flaws allowed the program to break into those machines and copy itself, thus infecting those systems. This program eventually spread to thousands of machines, and disrupted normal activities and Internet connectivity for many days.

read more

Citations
More filters
Journal ArticleDOI

On the self-similar nature of Ethernet traffic (extended version)

Will E. Leland, +3 more
- 01 Feb 1994 - 
TL;DR: It is demonstrated that Ethernet LAN traffic is statistically self-similar, that none of the commonly used traffic models is able to capture this fractal-like behavior, and that such behavior has serious implications for the design, control, and analysis of high-speed, cell-based networks.
Proceedings ArticleDOI

Glacier: highly durable, decentralized storage despite massive correlated failures

Andreas Haeberlen, +2 more
TL;DR: Glasgow is described, a distributed storage system that relies on massive redundancy to mask the effect of large-scale correlated failures and is used as the storage layer for an experimental serverless email system.
Proceedings ArticleDOI

Measurement and analysis of worm propagation on Internet network topology

Jonghyun Kim, +2 more
TL;DR: This study applies the classical SIS model and a modification of SIR model to simulate worm propagation in two different network topologies and shows that time to infect a large portion of the network vary significantly depending on where the infection begins.

On preventing intrusions by process behavior monitoring

R. C. Sekar, +2 more
TL;DR: Real-time detection is addressed by real-time event monitoring and comparison against events known to be unacceptable, and seamlessly integrate detection and reaction by designing the specification language to also allow specification of reactions.

An Analysis Slapper Worm

Ivan Arce, +1 more
TL;DR: It is proved that the Slapper is a variation of the Apache Scalper worm by comparing the source code and removing certain features from the original to reduce the perception that it was a tool developed to cause direct harm to networks.