Add to ORKGWorm detection systems have traditionally focused on global strategies. In the absence of a global worm detection system, we examine the effectiveness of local worm detection and response strategies. This paper makes three contributions: (1) We propose a simple two-phase local worm victim detection algorithm, DSC (Destination-Source Correlation), based on worm behavior in terms of both infection pattern and scanning pattern. DSC can detect zero-day scanning worms with a high detection rate and very low false positive rate. (2) We demonstrate the effectiveness of early worm warning based on local victim information. For example, warning occurs with 0.19 % infection of all vulnerable hosts on Internet when using a /12 monitored network. (3) B...
Abstract: Problem statement: A worm is a malicious piece of code that self-propagates, often via net...
Worm detection and response systems must act quickly to identify and quarantine scanning worms, as w...
Worms are arguably the most serious security threat facing the Internet. Seeking a detection techniq...
The need for a global monitoring system for Internet worm detection is clear. Likewise, the need for...
Abstract — After many Internet-scale worm incidents in recent years, it is clear that a simple self-...
Network worms are a major threat to the security of today's Internet-connected hosts and networks. T...
We propose an Internet-worm early warning system, which integrates a set of novel techniques that au...
After many Internet-scale worm incidents in recent years, it is clear that a simple self-propagating...
After many Internet-scale worm incidents in recent years, it is clear that a simple self-propagating...
We present two light-weight worm detection algorithms that offer significant advantages over fixed-t...
In recent years, fast spreading worms have become one of the major threats to the security of the In...
Since the days of the Morris worm, the spread of malicious code has been the most imminent menace to...
Self-duplicating, self-propagating malicious codes known as computer worms spread themselves without...
After several Internet-scale worm incidents in recent years, it is clear that a simple self-propagat...
Morris worm showed the Internet community for the first time in 1988 that a worm could bring the Int...
Abstract: Problem statement: A worm is a malicious piece of code that self-propagates, often via net...
Worm detection and response systems must act quickly to identify and quarantine scanning worms, as w...
Worms are arguably the most serious security threat facing the Internet. Seeking a detection techniq...
The need for a global monitoring system for Internet worm detection is clear. Likewise, the need for...
Abstract — After many Internet-scale worm incidents in recent years, it is clear that a simple self-...
Network worms are a major threat to the security of today's Internet-connected hosts and networks. T...
We propose an Internet-worm early warning system, which integrates a set of novel techniques that au...
After many Internet-scale worm incidents in recent years, it is clear that a simple self-propagating...
After many Internet-scale worm incidents in recent years, it is clear that a simple self-propagating...
We present two light-weight worm detection algorithms that offer significant advantages over fixed-t...
In recent years, fast spreading worms have become one of the major threats to the security of the In...
Since the days of the Morris worm, the spread of malicious code has been the most imminent menace to...
Self-duplicating, self-propagating malicious codes known as computer worms spread themselves without...
After several Internet-scale worm incidents in recent years, it is clear that a simple self-propagat...
Morris worm showed the Internet community for the first time in 1988 that a worm could bring the Int...
Abstract: Problem statement: A worm is a malicious piece of code that self-propagates, often via net...
Worm detection and response systems must act quickly to identify and quarantine scanning worms, as w...
Worms are arguably the most serious security threat facing the Internet. Seeking a detection techniq...