Abstract. We present two light-weight worm detection algorithms that offer significant advantages over fixed-threshold methods. The first algorithm, RBS (ratebased sequential hy...
A computer worm is an autonomous malicious, selfreplicating and propagating piece of code that is able to spread fast in computer networks, exploiting the vulnerabilities it disco...
Pantelis Kammas, Thodoros Komninos, Yannis C. Stam...
We give the first systematic investigation of the design space of worm defense system strategies. We accomplish this by g a taxonomy of defense strategies by abstracting away impl...
David Brumley, Li-Hao Liu, Pongsin Poosankam, Dawn...
Signature-based schemes for detecting Internet worms often fail on zero-day worms, and their ability to rapidly react to new threats is typically limited by the requirement of som...
David Whyte, Paul C. van Oorschot, Evangelos Krana...
We present a discrete-event network simulator, called Simnet, designed specifically for analyzing networksecurity protocols. The design and implementation is focused on simplicit...
Seny Kamara, Darren Davis, Lucas Ballard, Ryan Cau...