메뉴 건너뛰기




Volumn 4, Issue 3, 2009, Pages 530-541

An information-theoretic view of network-aware malware attacks

Author keywords

Attack models; Network security; Performance metrics

Indexed keywords

ATTACK MODELS; DEFENSE STRATEGY; HOST-BASED; INFECTION RATES; INFORMATION BIT; LARGE DATASETS; MALWARE ATTACKS; MALWARE PROPAGATION; MALWARES; NETWORK VULNERABILITY; NONUNIFORM; NONUNIFORMITY; PERFORMANCE METRICS; RENYI ENTROPY; RENYI INFORMATION; SCANNING ALGORITHMS; SCANNING METHODS; SPREADING SPEED;

EID: 69749100394     PISSN: 15566013     EISSN: None     Source Type: Journal    
DOI: 10.1109/TIFS.2009.2025847     Document Type: Article
Times cited : (31)

References (44)
  • 2
    • 34249007032 scopus 로고    scopus 로고
    • Worm propagation strategies in an IPv6 Internet
    • Feb.
    • S. M. Bellovin, B. Cheswick, and A. Keromytis, "Worm propagation strategies in an IPv6 Internet," Login, vol.31, no.1, pp. 70-76, Feb. 2006.
    • (2006) Login , vol.31 , Issue.1 , pp. 70-76
    • Bellovin, S.M.1    Cheswick, B.2    Keromytis, A.3
  • 6
    • 0042474227 scopus 로고    scopus 로고
    • Modeling the spread of active worms
    • San Francisco, CA, Apr.
    • Z. Chen, L. Gao, and K. Kwiat, "Modeling the spread of active worms," in Proc. INFOCOM'03, San Francisco, CA, Apr. 2003, vol.3, pp. 1890-1900.
    • (2003) Proc. INFOCOM'03 , vol.3 , pp. 1890-1900
    • Chen, Z.1    Gao, L.2    Kwiat, K.3
  • 9
    • 34548324846 scopus 로고    scopus 로고
    • Measuring network-aware worm spreading ability
    • Anchorage, AK, May
    • Z. Chen and C. Ji, "Measuring network-aware worm spreading ability," in Proc. INFOCOM'07, Anchorage, AK, May 2007.
    • (2007) Proc. INFOCOM'07
    • Chen, Z.1    Ji, C.2
  • 10
    • 31844443075 scopus 로고    scopus 로고
    • A self-learning worm using importance scanning
    • Fairfax, VA, Nov.
    • Z. Chen and C. Ji, "A self-learning worm using importance scanning," in Proc. ACM/CCS Workshop Rapid Malcode (WORM'05), Fairfax, VA, Nov. 2005, pp. 22-29.
    • (2005) Proc. ACM/CCS Workshop Rapid Malcode (WORM'05) , pp. 22-29
    • Chen, Z.1    Ji, C.2
  • 11
    • 51349126234 scopus 로고    scopus 로고
    • Spatial-temporal characteristics of malicious sources
    • Phoenix, AZ, Apr.
    • Z. Chen, C. Ji, and P. Barford, "Spatial-temporal characteristics of malicious sources," in Proc. INFOCOM'08 Mini-Conf., Phoenix, AZ, Apr. 2008.
    • (2008) Proc. INFOCOM'08 Mini-Conf.
    • Chen, Z.1    Ji, C.2    Barford, P.3
  • 12
    • 84926662675 scopus 로고
    • Nearest neighbor pattern classification
    • Jan.
    • T. M. Cover and P. E. Hart, "Nearest neighbor pattern classification," IEEE Trans. Inf. Theory, vol.IT-13, no.1, pp. 21-27, Jan. 1967.
    • (1967) IEEE Trans. Inf. Theory , vol.IT-13 , Issue.1 , pp. 21-27
    • Cover, T.M.1    Hart, P.E.2
  • 14
    • 25644446918 scopus 로고    scopus 로고
    • The effect of DNS delays on worm propagation in an IPv6 Internet
    • Miami, FL, Mar.
    • H. Feng, A. Kamra, V. Misra, and A. D. Keromytis, "The effect of DNS delays on worm propagation in an IPv6 Internet," in Proc. IN-FOCOM'05, Miami, FL, Mar. 2005, vol.4, pp. 2405-2414.
    • (2005) Proc. IN-FOCOM'05 , vol.4 , pp. 2405-2414
    • Feng, H.1    Kamra, A.2    Misra, V.3    Keromytis, A.D.4
  • 19
    • 0141762461 scopus 로고    scopus 로고
    • Code-Red: A case study on the spread and victims of an Internet worm
    • Marseille, France, Nov.
    • D. Moore, C. Shannon, and J. Brown, "Code-Red: A case study on the spread and victims of an Internet worm," in ACM SIGCOMM Internet Measurement Workshop, Marseille, France, Nov. 2002.
    • (2002) ACM SIGCOMM Internet Measurement Workshop
    • Moore, D.1    Shannon, C.2    Brown, J.3
  • 22
    • 0001204475 scopus 로고
    • Some fundamental questions of information theory
    • Budapest: Akademiai Kiado
    • A. Renyi, "Some fundamental questions of information theory," in Selected Papers of Alfred Renyi. Budapest: Akademiai Kiado, 1976, vol.2, pp. 526-552.
    • (1976) Selected Papers of Alfred Renyi , vol.2 , pp. 526-552
    • Renyi, A.1
  • 25
    • 4344627335 scopus 로고    scopus 로고
    • The spread of the Witty worm
    • Jul./Aug.
    • C. Shannon and D. Moore, "The spread of the Witty worm," IEEE Security Privacy, vol.2, no.4, pp. 46-50, Jul./Aug. 2004.
    • (2004) IEEE Security Privacy , vol.2 , Issue.4 , pp. 46-50
    • Shannon, C.1    Moore, D.2
  • 28
    • 51349085987 scopus 로고    scopus 로고
    • Sampling strategies for epidemicstyle information dissemination
    • Phoenix, AZ, Apr.
    • M. Vojnovic, V. Gupta, T. Karagiannis, and C. Gkantsidis, "Sampling strategies for epidemic-style information dissemination," in Proc. INFOCOM'08, Phoenix, AZ, Apr. 2008.
    • (2008) Proc. INFOCOM'08
    • Vojnovic, M.1    Gupta, V.2    Karagiannis, T.3    Gkantsidis, C.4
  • 31
    • 33646150900 scopus 로고    scopus 로고
    • On the performance of Internet worm scanning strategies
    • Jul.
    • C. C. Zou, D. Towsley, and W. Gong, "On the performance of Internet worm scanning strategies," Elsevier J. Performance Evaluation, vol.63, no.7, pp. 700-723, Jul. 2006.
    • (2006) Elsevier J. Performance Evaluation , vol.63 , Issue.7 , pp. 700-723
    • Zou, C.C.1    Towsley, D.2    Gong, W.3
  • 33
    • 69749125984 scopus 로고    scopus 로고
    • CERT Advisory CA-2001-2026 Nimda Worm CERT Coordination Center, Dec. [Online]. Available
    • CERT Advisory CA-2001-2026 Nimda Worm CERT Coordination Center, Dec. 2008 [Online]. Available: http://www.cert.org/advi-sories/CA-2001-26.html
    • (2008)
  • 34
    • 69749112669 scopus 로고    scopus 로고
    • "Code Red II:" Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL CERT Coordination Center, CERT Incident Note IN-2001-2009, Dec. [Online]. Available
    • "Code Red II:" Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL CERT Coordination Center, CERT Incident Note IN-2001-2009, Dec. 2008 [Online]. Available: http://www.cert.org/inci-dent-notes/IN-2001 -09 .html
    • (2008)
  • 35
    • 69749123038 scopus 로고    scopus 로고
    • Distributed Intrusion Detection System (DShield) Dec. [Online]. Available
    • Distributed Intrusion Detection System (DShield) Dec. 2008 [Online]. Available: http://www.dshield.org/
    • (2008)
  • 36
    • 69749123542 scopus 로고    scopus 로고
    • ALYSIS: Blaster Worm eEye Digital Security, Dec. [Online]. Available
    • ANALYSIS: Blaster Worm eEye Digital Security, Dec. 2008 [Online]. Available: http://research.eeye.com/html/advisories/pub-lished/AL20030811.html
    • (2008)
  • 37
    • 69749103838 scopus 로고    scopus 로고
    • Internet Protocol V4 Address Space Dec. 2008 [Online]. Available
    • Internet Protocol V4 Address Space Dec. 2008 [Online]. Available: http://www.iana.org/assignments/ipv4-address-space
    • (2008)
  • 38
    • 69749118914 scopus 로고    scopus 로고
    • Dec. [Online] Available
    • UROULETTE Dec. 2008 [Online]. Available: http://www.uroulette. com/
    • (2008)
  • 39
    • 69749100100 scopus 로고    scopus 로고
    • Agobot (Computer Worm) Wikipedia Dec. [Online]. Available
    • Agobot (Computer Worm) Wikipedia, Dec. 2008 [Online]. Available: http://en.wikipedia.org/wiki/Agobot-(computer-worm)
    • (2008)
  • 40
    • 69749091000 scopus 로고    scopus 로고
    • Samy (XSS) Wikipedia Dec. [Online]. Available
    • Samy (XSS) Wikipedia, Dec. 2008 [Online]. Available: http://en. wikipedia.org/wiki/Samy-(XSS)
    • (2008)
  • 41
    • 69749110997 scopus 로고    scopus 로고
    • Self-Information Wikipedia Dec. [Online]. Available
    • Self-Information Wikipedia, Dec. 2008 [Online]. Available: http://en. wikipedia.org/wiki/Self-information
    • (2008)
  • 43
    • 36749049364 scopus 로고    scopus 로고
    • Peer to peer networks for defense against Internet worms
    • Dec.
    • S. Shakkottai and R. Srikant, "Peer to peer networks for defense against Internet worms," IEEE J. Sel. Areas Commun., vol.25, no.9, pp. 1745-1752, Dec. 2007.
    • (2007) IEEE J. Sel. Areas Commun. , vol.25 , Issue.9 , pp. 1745-1752
    • Shakkottai, S.1    Srikant, R.2
  • 44
    • 54549088710 scopus 로고    scopus 로고
    • On the race of worms, alerts, and patches
    • Oct.
    • M. Vojnovic and A. J. Ganesh, "On the race of worms, alerts, and patches," IEEE Trans. Netw., vol.16, no.5, pp. 1066-1079, Oct. 2008.
    • (2008) IEEE Trans. Netw. , vol.16 , Issue.5 , pp. 1066-1079
    • Vojnovic, M.1    Ganesh, A.J.2


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.