Framework for integrated proactive network worm detection and response

Proceedings of the 17th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2009

Volumn , Issue , 2009, Pages 379-386

  Kotenko, Igor ^a  

^a ST PETERSBURG INSTITUTE FOR INFORMATICS AND AUTOMATION   (Russian Federation)

Author keywords

Adaptation; Aimulation; Network security; Network worms; Worm detection and containment

Indexed keywords

ADAPTATION; AIMULATION; DEFENSE MECHANISM; DYNAMIC ADAPTATIONS; NETWORK CONDITION; NETWORK HOSTS; NETWORK WORMS; PROACTIVE NETWORKS; RESPONSE MECHANISMS; SOFTWARE SYSTEMS; WORM DETECTION AND CONTAINMENT;

COMPUTER CRIME; COMPUTER SIMULATION; COMPUTER SOFTWARE; DYNAMIC RESPONSE; INTERNET;

NETWORK SECURITY;

EID: 70349137128     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PDP.2009.52     Document Type: Conference Paper

References (25)

1. S. Chen, and Y. Tang, "Slowing Down Internet Worms," 24th International Conference on Distributed Computing Systems (ICDCS '04), IEEE Computer Society. 2004.
2. Z. Chen, L. Gao, and K. Kwiat. Modeling the Spread of Active Worms. IEEE INFOCOM 2003.
3. D. Dagon, X. Qin, G. Gu, W. Lee, J. Grizzard, J. Levine, and H. Owen, "HoneyStat: Local Worm Detection Using Honeypots," Recent Advances in Intrusion Detection (RAID'04). 2004.
4. D.R. Ellis, J.G. Aiken, K.S. Attwood, and S.D. Tenaglia, "A Behavioral Approach to Worm Detection," Workshop on Rapid Malcode (WORM'04). 2004.
5. J.Jung, V.Paxson, A.W.Berger, and H. Balakrishnan, "Fast portscan detection using sequential hypothesis testing," Proc. of the 2004 IEEE Symposium on Security and Privacy. 2004.
6. H.-A. Kim, and B. Karp, "Autograph: Toward Automated, Distributed Worm Signature Detection," 13th USENIX Security Symposium. 2004.
7. LBNL/ICSI Enterprise Tracing Project. http://www.icir.org/enterprise- tracing/index.html
8. MAWI Working Group Traffic Archive. http://tracer.csl.sony.co.jp/mawi/
9. J. Mirkovic, E. Arikan, S. Wei, S. Fahmy, R. Thomas, and P. Reiher, "Benchmarks for DDoS Defense Evaluation," Proc. of the Milcom 2006, October 2006.
10. D. Moore, "Network Telescopes: Observing Small or Distant Security Events," 11th USENIX Security Symposium. 2002.
11. T. Peng, C. Leckie, and R. Kotagiri, "Proactively Detecting DDoS Attack Using Source IP Address Monitoring," Lecture Notes in Computer Science, vol.3042, 2004.
12. Proactive. Wikipedia. http://en.wikipedia.org/wiki/Proactive
13. M.Sanchez, "Virus Throttle as basis for ProActive Defense," Communications in Computer and Information Science (CCIS). Springer, vol.1, 2007.
14. S.Schechter, J.Jung, and A.W.Berger, "Fast Detection of Scanning Worm Infections," Lecture Notes in Computer Science, Springer, vol.3224, 2004.
15. V.Sekar, Y.Xie, M.K.Reiter, and H.Zhang, "A Multi-Resolution Approach for Worm Detection and Containment," Proc. of IEEE/IFIP DSN'06, 2006.
16. S.Singh, C.Estan, G.Varghese, and S.Savage, "Automatic worm fingerprinting," Operating Systems Design and Implementation (OSDI'04), 2004.
17. S. Staniford, J. Hoagland, and J. McAlerney, "Practical Automated Detection of Stealthy Portscans," Journal of Computer Security, vol.10, no.1, 2002.
18. T. Toth, and C. Krugel, "Connection history based anomaly detection," IEEE Workshop on Information Assurance, 2002.
19. S. Venkataraman, D. Song, P.B. Gibbons, and A. Blum, "New Streaming Algorithms for Fast Detection of Superspreaders," Proc. of Network and Distributed System Security Symposium, 2005.
20. N. Weaver, S. Staniford, and V. Paxson, "Very fast containment of scanning worms, Revisited," Advances in Information Security, vol.27. Malware Detection, Springer, 2007.
21. D.Whyte, E.Kranakis, and P.C.v.Oorschot, "DNS-based Detection of Scanning Worms in an Enterprise Network," Network and Distributed System Security Symposium, 2005.
22. M. Williamson, "Throttling Viruses: Restricting propagation to defeat malicious mobile code," Proc. of ACSAC Security Conference, Las Vegas, Nevada, 2002.
23. B. Witten, and C. Nachenberg, "Malware Evolution: A Snapshot of Threats and Countermeasures in 2005," Malware Detection, Springer, 2007.
24. C.Wong, S.Bielski, A.Studer, and C.Wang, "Empirical Analysis of Rate Limiting Mechanisms," Lecture Notes in Computer Science, Springer, vol.3858, 2006.
25. J.Wu, S.Vangala, and K.Kwiat, "An Effective Architecture and Algorithm for Detecting Worms with Various Scan Techniques," Network and Distributed System Security Symposium, 2004.