• DocumentCode
    3245019
  • Title

    Worm Traffic Analysis and Characterization

  • Author

    Dainotti, Alberto ; Pescape, Antonio ; Ventre, Giorgio

  • Author_Institution
    Univ. of Napoli Federico II, Naples
  • fYear
    2007
  • fDate
    24-28 June 2007
  • Firstpage
    1435
  • Lastpage
    1442
  • Abstract
    Internet worms are gaining ever more attention by the research community, representing one of the hot research topics in the field of network security. Our knowledge of phenomena related to Internet worms (from their intrinsic characteristics to their impact and to possible countermeasures) is still in its infancy. This is one of the main reasons for the existence of different kinds of research approaches. In this paper we focus on worm traffic analysis. We propose a general methodology, we discuss issues involved, and we present a software platform which can be used for this kind of study. Moreover, we show some interesting preliminary results from our traffic analysis of two of the most relevant worms that spread over the Internet: Witty and Slammer. Our results provide interesting evidences of (spatial and temporal) invariance and give some hints on worm traffic fingerprinting.
  • Keywords
    Internet; invasive software; telecommunication security; telecommunication traffic; Internet worms; network security; software platform; spatial invariance; temporal invariance; worm traffic analysis; Aggregates; Communications Society; Computer worms; Data mining; Fingerprint recognition; IP networks; Internet; Software testing; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications, 2007. ICC '07. IEEE International Conference on
  • Conference_Location
    Glasgow
  • Print_ISBN
    1-4244-0353-7
  • Type

    conf

  • DOI
    10.1109/ICC.2007.241
  • Filename
    4288912
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3245019