Using Sensor Networks and Data Fusion for Early Detection of Active Worms

Proceedings of SPIE - The International Society for Optical Engineering

Volumn 5071, Issue , 2003, Pages 92-104

  Berk, Vincent H ^a   Gray, Robert S ^a   Bakos, George ^a  

^a DARTMOUTH COLLEGE   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACTIVE COMPUTER WORMS; UNREACHABLE MESSAGES;

COMPUTER ARCHITECTURE; COMPUTER SYSTEM FIREWALLS; COMPUTER WORMS; ELECTRONIC CRIME COUNTERMEASURES; INFORMATION ANALYSIS; INTERNET; NETWORK PROTOCOLS; PROBLEM SOLVING; RANDOM PROCESSES; SCANNING; SECURITY OF DATA;

SENSOR DATA FUSION;

EID: 1642434224     PISSN: 0277786X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1117/12.500849     Document Type: Conference Paper

References (20)

1. D. Moore, C. Shannon, and J. Brown, "Code Red: A case study on the spread and victims of an Internet worm," in Proceedings of the Second Internet Measurement Workshop (IMW 2002), November 2002.
2. D. Moore, V. Paxon, S. Savage, C. Shannon, S. Staniford, and N. Weaver, "The spread of the Sapphire/Slammer worm," technical report, CAIDA, 2003.
3. D. Daley and J. Gani, Epidemic Modeling, Cambridge University Press, 1999.
4. "Microsoft SQL Sapphire worm analysis," technical report, eEye Digital Security, 2003. Available at http://www.eeye.com/html/Research/Flash/AL20030125.html.
5. J. Postel, "RFC 792: Internet Control Message Protocol," Request for Comments 792, 1981.
6. F. Baker, "RFC 1812: Requirements for IP version 4 routers," Request for Comments 1812, 1995.
7. D. B. Reid, "An algorithm for tracking multiple targets," IEEE Transactions on Automatic Control AC-24, pp. 843-854, December 1979.
8. B. DuCharme, XML: The Annotated Specification, Prentice Hall, 1999.
9. M. Liljenstam, Y. Yuan, B. Premore, and D. Nicol, "A mixed abstraction level simulation model of large-scale Internet worm infestations," in Proceedings of Tenth IEEE/ACM International Conference on Modeling, Analysis and Simulation of Computer and Communications Systems (MASCOTS 2002), October 2002.
10. J. Kephart and S. White, "Directed-graph epidemiological models of computer viruses," in Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, May 1991.
11. D. Moore, C. Shannon, G. M. Voelker, and S. Savage, "Internet quarantine: Requirements for containing self-propagating code," in Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2003), April 2003. To appear.
12. W. Fan, M. Miller, S. Stolfo, W. Lee, and P. Chan, "Using artificial anomalies to detect known and unknown network intrusions," in Proceedings of the First International Conference on Data Mining, November 2001.
13. D. J. Burroughs, L. F. Wilson, and G. V. Cybenko, "Analysis of distributed intrusion detection systems using Bayesian methods," in Proceedings of the 21st IEEE International Performance, Computing and Communications Conference (IPCCC 2002), April 2002.
14. J. B. D. Cabrera, L. Lewis, X. Qin, W. Lee, and R. K. Mehra, "Proactive intrusion detection and distributed denial of service attacks - a case study in security management," Journal of Network and Systems Management 10, June 2002.
15. S. Staniford, V. Paxson, and N. Weaver, "How to Own the Internet in your spare time," in Proceedings of the 11th USENIX Security Symposium (Security '02), August 2002.
16. E. Spafford, "The Internet worm incident," in Proceedings of the Second European Software Engineering Conference (ESEC '89), Lecture Notes in Computer Science 87, pp. 446-468, Springer-Verlag, September 1989.
17. S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, R. Yip, and D. Zerkle, "The design of GrIDS: A graph-based intrusion detection system," Technical Report CSE-99-2, Department of Computer Science at UC Davis, 1999.
18. S. Staniford, "Analysis of the spread of the July infestation of the Code Red worm," technical report, Silicon Defense, 2001.
19. M. W. Eichin and J. A. Rochlis, "With microscope and tweezers: An analysis of the Internet virus of November 1988," in Proceedings of the 1989 IEEE Computer Society Symposium on Security and Privacy, May 1989.
20. J. O. Kephart, "A biologically inspired immune system for computers," Artificial Life IV, 1994.