Title :
Worm Traffic Analysis and Characterization
Author :
Dainotti, Alberto ; Pescape, Antonio ; Ventre, Giorgio
Author_Institution :
Univ. of Napoli Federico II, Naples
Abstract :
Internet worms are gaining ever more attention by the research community, representing one of the hot research topics in the field of network security. Our knowledge of phenomena related to Internet worms (from their intrinsic characteristics to their impact and to possible countermeasures) is still in its infancy. This is one of the main reasons for the existence of different kinds of research approaches. In this paper we focus on worm traffic analysis. We propose a general methodology, we discuss issues involved, and we present a software platform which can be used for this kind of study. Moreover, we show some interesting preliminary results from our traffic analysis of two of the most relevant worms that spread over the Internet: Witty and Slammer. Our results provide interesting evidences of (spatial and temporal) invariance and give some hints on worm traffic fingerprinting.
Keywords :
Internet; invasive software; telecommunication security; telecommunication traffic; Internet worms; network security; software platform; spatial invariance; temporal invariance; worm traffic analysis; Aggregates; Communications Society; Computer worms; Data mining; Fingerprint recognition; IP networks; Internet; Software testing; Telecommunication traffic; Traffic control;
Conference_Titel :
Communications, 2007. ICC '07. IEEE International Conference on
Conference_Location :
Glasgow
Print_ISBN :
1-4244-0353-7
DOI :
10.1109/ICC.2007.241
