Using predators to combat worms and viruses: A simulation-based study

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2004, Pages 116-125

  Gupta, Ajay ^a   DuVarney, Daniel C ^a  

^a Stony Brook University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMBAT WORMS; MALWARES; MEMORY ERRORS; PREDATORS; SELF-PROPAGATING ATTACKS;

CODES (STANDARDS); COMPUTER NETWORKS; COMPUTER PROGRAMMING; COMPUTER SIMULATION; DATA STORAGE EQUIPMENT; PROBLEM SOLVING; WORLD WIDE WEB;

COMPUTER VIRUSES;

EID: 21644434256     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2004.47     Document Type: Conference Paper

References (32)

1. L. Bettini, R. D. Nicola, and M. Loreti. Software update via mobile agent based programming. In Proceedings of the 2002 ACM symposium on Applied computing, pages 32-36. ACM Press, 2002.
2. S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In USENIX Security Symposium, 2003.
3. L. Briesemeister, P. lincoln, and P. Porras. Epidemic profiles and defense of scale-free networks. In ACM Workshop on Rapid Malcode, 2003.
4. Cert advisory ca-1999-04 melissa macro virus. http://www.cert.org/advisories/ca-1999-04.html.
5. Cert advisory ca-2001-22 w32/sircam malicious code. http://www.cert.org/advisories/ca-2001-22.html.
6. Cert advisory ca-2001-26 nimda worm. http://www.cert.org/advisories/ca-2001-26.html.
7. Cert advisory ca-2003-04 ms-sql server worm. http://www.cert.org/advisories/CA-2003-04.html.
8. Cert advisory ca-2003-04 w32/mydoom.b virus. http://www.us-cert.gov/cas/techalerts/TA04-028A.html.
9. Cert advisory ca-2003-20 w32/blaster worm. http://www.cert.org/advisories/CA-2003-20.html.
10. Cert advisory ca-2004-04 email-borne viruses. http://www.cert.org/advisories/CA-2004-02.html.
11. Cert, code red ii: Another worm exploiting buffer overflow in us indexing service dll. http://www.cert.org/incident_notes/in-2001-09.html.
12. Cert incident note in-2003-03 w32/sobig.f worm. http://www.cert.org/incident_notes/IN-2003-03.html.
13. Z. Chen, L. Gao, and K. Kwait. Modeling the spread of active worms. In IEEE Infocom, 2003.
14. S. Forrest, A. Somayaji, and D. H. Ackley. Building diverse computer systems. In Workshop on Hot Topics in Operating Systems, 1997.
15. S. Gorman, R. Kulkarni, L. Schintler, and R. Stough. A network based simulation approach to cybersecurity policy. http://policy.gmu.edu/imp/research.html.
16. S. P. Gorman, R. G. Kulkarni, L. A. Schintler, and R. R. Stough. A predator prey approach to the network structure of cyberspace. In Proceedings of the winter international synposium on Information and communication technologies, pages 1-6. Trinity College Dublin, 2004.
17. R. Grimes. Malicious Code. O'Reilly and Associates, 2001.
18. A. Gupta and R. Sekar. An approach for detecting self-propagating email using anomaly detection. In Recent Advances in Intrusion Detection, 2003.
19. J. Jorgensen, P. Rossignol, M. Takikawa, and D. Upper. Cyber ecology: Looking to ecology for insights into information assurance. In DARPA Information Suvivability Conference and Exposition, 2001.
20. A. Kara. On the use of intrusion technologies to distribute non-malicious programs to vulnerable computers. Technical report, University of Aizu, 2001.
21. J. Kephart and S. White. Directed-graph epidemiological models of computer viruses. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 343-359, 1991.
22. M. Liljenstam, D. M. Nicol, V. H. Berk, and R. S. Gray. Simulating realistic network worm traffic for worm warning system design and testing. In Proceedings of the 2003 ACM workshop on Rapid Malcode, pages 24-33. ACM Press, 2003.
23. Patch management, security updates, and downloads. http://www.microsoft.com/technet/default.mspx.
24. R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, and S. Zhou. Specification-based anomaly detection: a new approach for detecting network intrusions. In ACM Computer and Communication Security Conference, 2002.
25. S. Sidiroglu and A. D. Keromytis. Countering network worms through automatch patch generation. Technical Report 029-03, Columbia University Department of Computer Science, 2003.
26. S. Staniford. Analysis of spread of July infestation of the code red worm, http://www.silicondefense.com/cr/july.html.
27. S. Staniford, V. Paxson, and N. Weaver. How to own the internet in your spare time. In Usenix Security Symposium, 2002.
28. H. Toyoizumi and A. Kara. Predators: Good will mobile codes combat against computer viruses. In New Security Paradigms Workshop, 2002.
29. Y. Wang and C. Wang. Modeling the effects of timing parameters on virus propagation. In ACM Workshop on Rapid Malcode, 2003.
30. N. Weaver, V. Paxson, S. Staniford, and R. Cunningham. A taxonomy of computer worms. In ACM Workshop on Rapid Malcode, 2003.
31. C. Zou, L. Gao, W. Gong, and D. Towsley. Monitoring and early warning for internet worms. In ACM Computer and Communication Security Conference, 2003.
32. C. Zou, W. Gong, and D. Towsley. Code red worm propagation modeling and analysis. In ACM Computer and Communication Security Conference, 2002.