• DocumentCode
    3135977
  • Title

    Digging for worms, fishing for answers

  • Author

    Buchholz, Florian ; Daniels, Thomas E. ; Early, James P. ; Gopalakrishna, Rajeev ; Gorman, R. Patrick ; Kuperman, Bejamin A. ; Nystrom, Sofie ; Schroll, Addam ; Smith, Andrew

  • Author_Institution
    Center for Educ. & Res. in Inf. Assurance & Security, Purdue Univ., West Lafayette, IN, USA
  • fYear
    2002
  • fDate
    2002
  • Firstpage
    219
  • Lastpage
    226
  • Abstract
    Worms continue to be a leading security threat on the Internet. This paper analyzes several of the more widespread worms and develops a general life-cycle for them. The lifecycle, from the point of view of the victim host, consists of four stages: target selection, exploitation, infection, and propagation. While not all worms fall into this framework perfectly, by understanding them in this way, it becomes apparent that the majority of detection techniques used today focus on the first three stages. This paper presents a technique that is used in the fourth stage to detect the class of worms that use a horizontal scan to propagate. An argument is also made that detection in the fourth stage is a viable, but under-used technique.
  • Keywords
    Internet; computer network management; computer viruses; security of data; Internet; exploitation; horizontal scan; infection; life-cycle; propagation; security threat; target selection; victim host; worms; Computer crime; Computer security; Computer worms; Continuing education; Information security; Information systems; Internet; Intrusion detection; Protection; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2002. Proceedings. 18th Annual
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-1828-1
  • Type

    conf

  • DOI
    10.1109/CSAC.2002.1176293
  • Filename
    1176293
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3135977