Abstract:
The author describes some aspects of the Worminator project (http://worminator.cs.columbia.edu), a collaboration of academic institutions pursuing R&D of intelligent predictive and proactive technologies that detect, report, and defend against early preattack cyberevents, specifically network observables that are precursors to malicious activities during a later attack stage. The project aims to measure and significantly increase the warning time for a zero-day attack (an attack against an unreported vulnerability), giving security analysts and decision makers time to take preventive steps and giving automated adaptive response mechanisms time to reconfigure IT infrastructures to minimize the impact and losses.
Keywords:
computer crime; invasive software; system monitoring; IT infrastructures; Worminator project; attack early warning; automated adaptive response mechanisms; early preattack cyberevents; intelligent predictive technologies; malicious activities; network observables; preventive steps; security analysts; stealthy reconnaissance; unreported vulnerability; warning time; worm early warning; zero-day attack; Computer security; Computer worms; Data privacy; Data security; Databases; Detectors; Payloads; Probes; Reconnaissance; Testing; cyberattack; probe; scan; stealth; worminator