The speed of today’s worms demands automated detection, but the risk of false positives poses a difficult problem. In prior work, we proposed a host-based intrusion-detection system for worms that leveraged collaboration among peers to lower its risk of false positives, and we simulated this approach for a system with two peers. In this paper, we build upon that work and evaluate our ideas “in the wild.” We implement Wormboy 2.0, a prototype of our vision that allows us to quantify and compare worms’ and non-worms’ temporal consistency, that is, the similarity over time in worms’ and non-worms’ invocations of system calls. We deploy our prototype to a network of 30 hosts running Windows XP with Service Pack 2 to monitor and analyze 10,776 processes, inc...
Abstract: Problem statement: A worm is a malicious piece of code that self-propagates, often via net...
Abstract. As next-generation computer worms may spread within minutes to millions of hosts, protectio...
Botnets allow adversaries to wage attacks on unprecedented scales at unprecedented rates, motivation...
We propose a host-based, runtime defense against worms that achieves negligible risk of false positi...
Worms are a major threat to the security and reliability of today's networks. Because they can sprea...
We present a method for detecting large-scale worm attacks using only end-host detectors. These dete...
Network worms are a major threat to the security of today's Internet-connected hosts and networks. T...
Worm containment must be automatic because worms can spread too fast for humans to respond. Recent w...
We present two light-weight worm detection algorithms that offer significant advantages over fixed-t...
The wide spread of worms poses serious challenges to today's Internet. Various IDSes (Intrusion De...
Abstract — We present and evaluate the design of a new and comprehensive solution for automated worm...
As next-generation computer worms may spread within minutes to millions of hosts, protection via hum...
An Internet worm replicates itself by automatically infecting vulnerable systems and may infect hund...
Computer worms are a type of malicious malware that prey on networked machines. A number of differe...
Fast and accurate generation of worm signatures is essential to contain zero-day worms at the Intern...