Abstract
Network worms, very similar to viruses, are malicious programs that use vulnerabilities in software to spread between computers that are somehow connected using a computer network.
We remind that a computer should be understood broadly – in the near future, a worm might infect a mobile phone as easily as it now infects a personal desktop computer.
We have proposed a modular architecture for an early warning system. We also implemented a prototype system consisting of several detection and analysis modules. While the prototype was limited in nature, it meets the most of the requirements we have set for such a system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sommerville, I.: Software Engineering, 6th edn. Pearson Education Ltd, UK (2001)
Weaver, N., Paxson, V., Staniford, S.: A worst-case worm (2003) Silicon Defense Technical Report (2003), Available http://www.silicondefense.com/papers/worstcase.pdf
Spafford, E.: The internet worm program: An analysis (1998) Purdue Technical Report CSD-TR-823 (1998)
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The spread of the sapphire/slammer worm (2003), Available http://www.caida.org/outreach/papers/2003/sapphire/sapphire.html
Shannon, C., Moore, D.: The spread of the witty worm (2004), Available http://www.caida.org/analysis/security/witty/
Weaver, N., Staniford, S., Paxson, V.: Very fast containment of scanning worms. In: Proceedings of the 13th Usenix Security Symposium, USA, Usenix (2004)
Jung, J., Paxson, V., Berger, A., Balakrishnan, H.: Fast portscan detection using sequential hypothesis testing. In: 2004 IEEE Symposium on Security and Privacy, USA. IEEE, Los Alamitos (2004)
Schechter, S., Jung, J., Berger, A.: Fast detection of scanning worm infections. In: Recent Advances in Intrusion Detection (RAID), USA (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tikkanen, A., Virtanen, T. (2005). Early Warning for Network Worms. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science(), vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_157
Download citation
DOI: https://doi.org/10.1007/11596981_157
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30819-5
Online ISBN: 978-3-540-31598-8
eBook Packages: Computer ScienceComputer Science (R0)