Reducing False Alarm and Shortening Worm Detection Time in Virus Throttling |
Shim Jae-Hong
(조선대학교 인터넷소프트웨어공학부)
Kim Jang-bok (아주대학교 정보통신전문대학원) Choi Hyung-Hee (아주대학교 정보통신전문대학원) Jung Gi-Hyun (아주대학교 전자공학부) |
1 | CERT, 'CERT Advisory CA-2001-26 Nimda Worm, Sept. 2001. http://www.cert.org/advisories/CA-2001-26.html |
2 | CERT, 'CERT Advisory CA-2000-04 Love Letter Worm, May 2002. http://www.cert.org/advisorieS/CA-2000-04.html |
3 | C. C. Zou, W. Gong, and D. Towsley, 'Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense,' ACM CCS Workshop on Rapid Malcode (WORM '03), Washington DC, Oct., 2003 DOI |
4 | N. Gulati, C. Williamson and R. Bunt, 'LAN traffic locality: Characterization and application,' Proc. of the First International Conference of Local Area Network Interconnection, pp.233-250, Oct., 1993 |
5 | X. Qin, D. Dagon, G. Gu, and W. Lee, 'Worm detection using local networks,' Technical report, College of Computing, Georgia Tech., Feb., 2004 |
6 | CERT, 'CERT Advisory CA-2001-08 Code Red Worm Exploiting Buffer Overflow in lIS Indexing Service DLL,' July 2001. http://www.cert.org/incidenLnotes/IN-2001-08.html |
7 | J. Jung, S. E. Schechter, and A. W. Berger, 'Fast Detection of Scanning Worm Infections,' Proc. of 7th International Symposium on Recent Advances in Intrusion Detection (RAID), Sophia Antipolis, French Riviera, France, Sept., 2004 |
8 | J. Jung, V. Paxson, A. W. Berger, and H. Balakrishnan, 'Fast portscan detection using sequential hypothesis testing,' Proc. of the IEEE Symposium on Security and Privacy, May, 2004 DOI |
9 | J. Twycross and M. M. Williamson, 'Implementing and testing a virus throttle,' Proc. of the 12th USENIX Security Symposium, pp.285-294, Aug., 2003 |
10 | Matthew M. Williamson, 'Throttling Viruses: Restricting propagation to defeat malicious mobile code,' Proc. of the 18th Annual Computer Security Applications Conference, Dec., 2002 DOI |
11 | S. Sidiroglou and A. D. Keromytis, 'A Network Worm Vaccine Architecture,' Proc. of the IEEE Workshop on Enterprise Technologies: Infrastructure for Collaborative Enterprises (WETICE), Workshop on Enterprise Security, pp.220-225, June, 2003 |
12 | D. Moore, V. Paxson, S. Savage, C. Shannon, S. StaniPord and N. Weaver, 'Inside the Slammer worm,' IEEE Security and Privacy, vol. 1, pp. 33-39, July, 2003 DOI ScienceOn |
13 | C. Zou, L. Gao, W. Gong, D. Towsley, 'Monitoring and early warning for Internet worms,' ACM Conference on Computer and Communications Security, Washington, DC, Oct., 2003 DOI |
14 | CERT, 'CERT Advisory CA-2003-04 MS-SQL Server Worm,' Jan., 2003. http://www.cert.org/advisories/CA-2oo304.html |
15 | CERT, 'CERT Advisory CA-200H)9 Code Red II Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL,' Aug., 2001. http://www.cert.org/incident_notes/lN2001-09.html |