• DocumentCode
    1013477
  • Title

    Worm and attack early warning: piercing stealthy reconnaissance

  • Author

    Stolfo, Salvatore J.

  • Author_Institution
    Columbia Univ., USA
  • Volume
    2
  • Issue
    3
  • fYear
    2004
  • Firstpage
    73
  • Lastpage
    75
  • Abstract
    The author describes some aspects of the Worminator project (http://worminator.cs.columbia.edu), a collaboration of academic institutions pursuing R&D of intelligent predictive and proactive technologies that detect, report, and defend against early preattack cyberevents; specifically network observables, that are precursors to malicious activities during a later attack stage. The project aims to measure and significantly increase the warning time for a zero-day attack (an attack against an unreported vulnerability) to give security analysts and decision makers time to take preventive steps and for automated adaptive response mechanisms to reconfigure IT infrastructures to minimize the impact and losses.
  • Keywords
    computer crime; invasive software; system monitoring; IT infrastructures; Worminator project; attack early warning; automated adaptive response mechanisms; early preattack cyberevents; intelligent predictive technologies; malicious activities; network observables; preventive steps; security analysts; stealthy reconnaissance; unreported vulnerability; warning time; worm early warning; zero-day attack; Computer security; Computer worms; Data privacy; Data security; Databases; Detectors; Payloads; Probes; Reconnaissance; Testing; cyberattack; probe; scan; stealth; worminator;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2004.28
  • Filename
    1306976
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1013477