To detect and investigate self-propagating worm attacks against networked servers, the following capabilities are desirable: (1) raising timely alerts to trigger a worm investigat...
Xuxian Jiang, Florian P. Buchholz, Aaron Walters, ...
We present a monitoring system which detects repeated packets in network traffic, and has applications including detecting computer worms. It uses Bloom filters with count...
Paul C. van Oorschot, Jean-Marc Robert, Miguel Var...
Email worms continue to be a persistent problem, indicating that current approaches against this class of self-propagating malicious code yield rather meagre results. Additionally,...
As next-generation computer worms may spread within minutes to millions of hosts, protection via human intervention is no longer an option. We discuss the implementation of SweetB...
This paper presents DOME, a host-based technique for detecting several general classes of malicious code in software executables. DOME uses static analysis to identify the locatio...
Jesse C. Rabek, Roger I. Khazan, Scott M. Lewandow...