The Spread of the Witty Worm
نویسندگان
چکیده
We would like to thank Brian Kantor, Jim Madden, and Pat Wilson of UCSD for technical support of the Network Telescope project; Mike Gannis, Nicholas Weaver, Wendy Garvin, Team Cymru, and Stefan Savage for feedback on this document; and the Cisco PSIRT Team, Wendy Garvin, Team Cymru, Nicholas Weaver, and Vern Paxson for discussion as events unfolded. Support for this work was provided by Cisco Systems, NSF, DARPA, DHS, and CAIDA members.
منابع مشابه
Deriving a closed-form expression for worm-scanning strategies
This work presents a closed-form expression for characterizing the spread of a class of worm-scanning strategies through a mean-field approximation. This expression can both accurately capture the worm propagation speed before the number of infections becomes large and explicitly demonstrate the effects of important parameters such as the vulnerable-host distribution and the worm-scanning strat...
متن کاملOptimal worm-scanning method using vulnerable-host distributions
Most Internet worms use random scanning. The distribution of vulnerable hosts on the Internet, however, is highly non-uniform over the IP-address space. This implies that random scanning wastes many scans on invulnerable addresses, and more virulent scanning schemes may take advantage of the non-uniformity of a vulnerablehost distribution. Questions then arise as to how attackers may exploit su...
متن کاملEmulating sequential scanning worms on the DETER testbed
Internet worm security threats have increased with their more advanced scanning strategies and malicious payloads. In this article, we extend our existing KMSim worm model to account for the self-destructive or removal/death behavior of worms. The modified model is then used to simulate the Witty and Blaster worms. Also in this paper we describe our experience of running worm emulation experime...
متن کامل"Patch on Demand" Saves Even More Time?
I n the June 2004 Security column (" A Patch in Nine Saves Time? " pp. 82-83), Bill Arbaugh makes two interesting observations: first, whoever has the tightest observe-orient-decide-act (OODA) loop will prevail in a confrontation; second, the infection rates of recent worms suggest that the good guys are losing the battle. Arbaugh offers some sensible suggestions to vendors and security profess...
متن کاملMolecular Identification of Six Honeybee Viruses in Iranian Apiaries
The identification of honeybee viruses is of serious importance, particularly considering the lack of information on the natural incidence of viral infections in honeybee populations worldwide. Moreover, the global spread of Varroa destructor in honeybee colonies has a significant effect on the viral infection. In the present study, 160 samples of adult bee from apparently healthy colonies but ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEEE Security & Privacy
دوره 2 شماره
صفحات -
تاریخ انتشار 2004