Defending against Internet worms: A signature-based approach

Proceedings - IEEE INFOCOM

Volumn 2, Issue , 2005, Pages 1384-1394

  Tang, Yong ^a   Chen, Shigang ^a  

^a University of Florida   (United States)

Author keywords

System Design

Indexed keywords

ALGORITHMS; PACKET NETWORKS; PROBLEM SOLVING; TELECOMMUNICATION TRAFFIC;

LOCALIZED DEFENCE SYSTEMS; POLYMORPHIC WORMS; POSITION AWARE DISTRIBUTION SIGNATURES (PADS);

INTERNET;

EID: 25844462447     PISSN: 0743166X     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (25)

1. S. Staniford, V. Paxson, and N. Weaver, "How to Own the Internet in Your Spare Time," in Proceedings of the 11th USENIX Security Symposium (Security '2002), San Francisco, California, USA, Aug. 2002.
2. nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM '2003), San Francisco, California, USA, Apr. 2003.
3. th International Conference on Distributed Computing and Systems (ICDCS '2004),. Tokyo,Japan, Mar. 2004.
4. th ACM Conference on Computer and Communication Security (CCS'2003). Washington D.C., USA: ACM Press, Oct. 2003, pp. 251-261.
5. D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver, "Inside the Slammer Worm," IEEE Magazine of Security and Privacy, pp. 33-39, July 2003.
6. th USENIX Security Conference (Security '1998). San Antonio, Texas, USA, Jan. 1998, pp. 63-78.
7. M. Eichin and J. Rochlis, "With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988," in Proceedings of the 1989 IEEE Symposium on Security and Privacy. Oakland, California, USA, May 1989, pp. 326-344.
8. th ACM Conference on Computer and Communications Security (CCS '2002). Washington, DC, USA: ACM Press, Nov. 2002, pp. 138-147.
9. th ACM Conference on Computer and Communication Security (CCS '2003). Washington D.C., USA: ACM Press, Oct. 2003, pp. 190-199.
10. nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM' 2003), San Francisco, California, USA, Mar. 2003, pp. 1890-1900.
11. nd Internet Measurement Workshop (IMW '2002), Marseille, France, Nov. 2002, pp. 273-284.
12. J. O. Kephart and S. R. White, "Directed-Graph Epidemiological Models of Computer Viruses," in Proceedings of the 1991 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 1991, pp. 343-361.
13. th Annual Computer Security Applications Conference (ACSAC '2002), Las Vegas, Neveda, USA, Oct. 2003.
14. H. Javitz and A. Valdes, "The NIDES Statistical Component Description and Justification," Computer Science Laboratory, SRI International, Menlo Park, California, USA, Tech. Rep., 1994.
15. th International Symposium on Recent Advances in Intrusion Detection (RAID '2004), Sophia Antipolis, French Riviera, France, Sept. 2004.
16. K. Ilgun, R. Kemmerer, and P. Porras, "State Transition Analysis: A Rule-based Intrusion Detection Approach," IEEE Trans. Software Eng., vol. 2, pp. 181-199, 1995.
17. U. Lindqvist and P. Porras, "Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)," in Proceedings of the 1999 Symposium on Security and Privacy, Oakland, California, USA, May 1999.
18. C. E. Lawrence and A. A. Reilly, "An Expectation Maximization (EM) Algorithm for the Identification and Characterization of Common Sites in Unaligned Biopolymer Sequences," PROTEINS:Structure, Function and Genetics, vol. 7, pp. 41-51, 1990.
19. C. E. Lawrence, S. F. Altschul, M. S. Boguski, J. S. Liu, A. F. Neuwald, and J. C. Wootton, "Detecting Subtle Sequence Signals: A Gibbs Sampling Strategy for Multiple Alignment," Science, vol. 262, pp. 208-214, Oct. 1993.
20. nd Workshop on Hot Topics in Networks (HotNets-II), Cambridge, Massachusetts, USA, Nov. 2003.
21. N. Provos, "A virtual Honeypot Framework," Center for Information Technology Integration, University of Michigan, Ann Arbor, Michigan, USA, Tech. Rep. CITI Technical Report 03-1, Oct. 2003.
22. C. Kaufman, R. Perlman, and M. Speciner. Network Security: Private Communication in a Public World. Upper Saddle River, NJ. USA: Prentice Hall, Inc., 2002.
23. M. Christodorescu and S. Jha, "Static Analysis of Executables to Detect Malicious Patterns," in Proceedings of the 12th USENIX Security Symposium (Security '2003), Washington D.C., USA, Aug. 2003.
24. S. Geman and D. Geman, "Stochastic Relaxation, Gibbs Distribution, and the Bayesian Restoration of Images," IEEE Trans. Pattern Anal. Machine Intell., vol. 6, pp. 721-741, 1984.
25. CERT/CC, "CERT Advisory CA-2003-20 - W32/Blaster worm," 2003. [Online]. Available: http://www.cert.org/advisories/CA-2003-20.html