Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
GLOBECOM
2006
IEEE
2006
IEEE
On the Effectiveness of Service Registration-Based Worm Defense
— Existing Internet worm research focuses either on worm detection inside an AS, or on prevention of Internet-wide worm epidemic. But of more practical concern is how to repel worm infiltration attempts at the AS boundary. In this paper, we analyze the efficacy of the general perimeter defense system operating on service registration information. When such system finds incoming packets targeting an unregistered service, it intercepts the packets and relays them to the signature generation module. While the signature is extracted, the system blocks the infiltration through blacklisting. Finally, upon the signature generation, content filtering based on the signature takes over, replacing blacklisting. Since the effectiveness of such systems depends on the type of worm, we analyze the effectiveness against the following practical worm types: random scanning TCP worms, random-start sequential scanning TCP worms, and UDP worms.
Real-time Traffic| Added | 11 Jun 2010 |
| Updated | 11 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | GLOBECOM |
| Authors | Jin-Ho Kim, Hyogon Kim, Saewoong Bahk |
Comments (0)
Researcher Info
|
