The homogeneity and the heterogeneity among peers in P2P networks can be utilized to counter P2P worms. The heterogeneity among peers can slow down the spread of worms, and the homogeneity can make the corresponding alert propagate faster than a worm. The distance between peers is defined to represent the heterogeneity. We proposed a worm containment scheme based on double-neighbor lists in P2P overlay...
Node behavior profiling is a promising tool in many aspects of network security, especially in malware detection. In this paper, based on node behavior profiles proposed in the literature, we propose a fast anomaly detection scheme using SPRT (Sequential Probability Ratio Test) for malware/worm detection. The key idea of this paper is, instead of checking most of the nodes in a network, only a small...
This paper summarizes the main challenges we encountered in integrating and analyzing large malware and threat datasets in the context of the European project WOMBAT. We will outline WOMBAT's motivation, structure and contributions to the field of threat intelligence.
The undoubted success of very powerful and pervasively IP enabled cellular phones raises the obvious question whether the cellular world will also enter a severe security crisis like the PC itself. Moreover, this serious question is amplified through the use of new Open and even Web-OS oriented phone platforms. Considering the most dangerous security threat which might be given in the form of cellular...
This paper describes a new botnet that we discovered at the beginning of December 2009. Our NetFlow-based network monitoring system reported an increasing amount of Telnet scanning probes. Tracing back to a source, we identified infected DSL modems and home routers worldwide. Nowadays, various vendors use Linux in this kind of device. A further investigation has shown that most of deployed...
At present there are some worm intrusion detection systems, primarily for a single LAN or with hardware router environment, which are not applicable for large-scale network detection or have high false alarm rate by using only worm propagation characteristics for detection. This paper analyzed worm non-linear propagation models and drew out the worm transmission curves. Then a distributed worm detection...
Internet worms spread fast and destroy strong. An accurate Internet worm model provides insight into worm propagation. It aids in identifying the characteristics in the worm spreading and provides better detection and prevention for a new worm threat. In this paper, based on the classical Kermack-McKendrick model, we propose a general Internet worm model called SIRS (Susceptible -- Infectious -- Removed...
Antivirus is a fundamental presence in every computer infrastructure nowadays. The exponential growth of Internet usage with increasing higher bandwidth led to situations where virus (as well as worms and other type of malicious content) had constant outbreaks with impressive amounts of infected computers across the entire world. Email has been the preferred choice for several of these malicious content...
The threat landscape facing the Federal Government is growing, from underground cybercrime economy and burgeoning malware production to rumors of cyber war. Business leaders and security professionals focused on this threat landscape and evaluating cloud computing advantages also need to address cloud computing's unique survivability and information assurance risks.
With the rapid development of e-commerce, security issues are arising from people's attention. The lack of security will cause the malicious agent to spread without restriction on Internet or cause it to be invaded by the malicious host, so that business activities shall be involved into chaos. So it has become a crucial step for e-commerce to construct a safe and effective transaction environment...
Epidemic malicious codes including Internet worms and botnets have continuously evolved to be more intelligent and complicated. In particular, the recent distributed denial-of-service (DDoS) attack that occurred in United States and South Korea in July, 2009 gives an opportunity to reconsider the epidemic malicious code. Since automatic patching systems and intelligent intrusion detection and prevention...
With the growing number of botnet attacks, the botnet detection is becoming increasingly important for the network security. To enhance the existing botnet detection systems which are short of efficient information collection functions, this paper presents a collaborative information collection model with a new 5-tuple structural mode. In the model, we introduce the static and dynamic roles to meet...
It is proposed to add a charging gateway in combination with leak scanning and net flow monitoring technology and intends to solve the problems in several aspects: patching operation system, scanning serious leak, promoting computers that have serious leaks, and fighting against worms. It is able to suspend the Internet-visiting qualification on computers which have been infected by worms until such...
Extentics is a new discipline that studies the methods for dealing with contradictory problems. This paper gives a solution of attack's recognition and resistance of survivable network based on extension theory. The basic knowledge of extension theory is introduced. The contradictory characteristic of survivability of borderless network is analyzed. The extension model and algorithms of recognition...
Intellectual property theft has become a major problem in the recent years. In this paper we primarily focus on software components as intellectual property. Availability of high speed internet has played an important role in distribution of illegal software. Reverse engineering techniques are used to bypass security of software components. These techniques are also used by forensics analysts and...
Worm detection and defense is still a critical mission for worm researchers. This paper presents an architecture for active detection and defense against Internet worms based on multi and mobile agents. This paper depends on the cooperation between the agents to achieve zero-day worm detection in addition to detecting the well-known worms. The results show that the used approach based on the...
For more than two decades, attackers and malware authors have battled defensive users and administrators for control of computing resources. Unfortunately, the defenders aren't winning the fight. Systems infected with malicious code are as widespread.
Although computer users are aware of spyware, they typically do not take protective steps against it. A recent study looks into the reasons for this apathy and suggests boosting users' confidence in installing and operating antispyware solutions as an effective remedy.
Peer-to-Peer (P2P) network has some closer relationship with Internet while the scale of P2P network increases. Active P2P worms attack neighbour peers based on hit-list and pose a severe threat to both P2P network and Internet. Due to the complexity of P2P network, the traditional worms propagation model cannot be adequate to exact model P2P worms spread. Both the dynamic characteristic of P2P network...
Conficker is a recent worm outbreak which formed a large botnet and became a huge threat to the security of the Internet. In this paper, the redirect technology of domain name was used to monitor Conficker. For its low killing rate and long-term period of propagation, we built a propagation model of botnet based on Conficker monitoring. In the model, we take into account the geography, connectivity...