— Fast spreading worms are a reality, as amply demonstrated by worms such as Slammer, which reached its peak propagation in a matter of minutes. With these kinds of fast spreadin...
Tian Bu, Aiyou Chen, Scott A. Vander Wiel, Thomas ...
Current intrusion detection and prevention systems seek to detect a wide class of network intrusions (e.g., DoS attacks, worms, port scans) at network vantage points. Unfortunatel...
Ramana Rao Kompella, Sumeet Singh, George Varghese
In this paper, we study the impact of today’s IT policies, defined based upon a monoculture approach, on the performance of endhost anomaly detectors. This approach leads to th...
Worms are self-replicating malicious programs that represent a major security threat for the Internet, as they can infect and damage a large number of vulnerable hosts at timescal...
Today's Internet intrusion detection systems (IDSes) monitor edge networks' DMZs to identify and/or filter malicious flows. While an IDS helps protect the hosts on its l...