IEEE Spectrum
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Measuring and Modeling Computer Virus Prevalence
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
IEEE Security and Privacy
Monitoring and early warning for internet worms
Proceedings of the 10th ACM conference on Computer and communications security
ACT: attachment chain tracing scheme for email virus detection and control
Proceedings of the 2004 ACM workshop on Rapid malcode
WORM vs. WORM: preliminary study of an active counter-attack mechanism
Proceedings of the 2004 ACM workshop on Rapid malcode
Worm propagation modeling and analysis based on quarantine
InfoSecu '04 Proceedings of the 3rd international conference on Information security
An Extensible Platform for Evaluating Security Protocols
ANSS '05 Proceedings of the 38th annual Symposium on Simulation
Modeling Viral Spread by Random Scanning and Its Relationship with the Epidemiological Model
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Distributed Worm Simulation with a Realistic Internet Model
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Mobile Contagion: Simulation of Infection and Defense
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
The monitoring and early detection of internet worms
IEEE/ACM Transactions on Networking (TON)
The limits of global scanning worm detectors in the presence of background noise
Proceedings of the 2005 ACM workshop on Rapid malcode
Proactive security for mobile messaging networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
A drawback of current anti-virus simulations: the need for background traffic
Proceedings of the 44th annual Southeast regional conference
Computer Networks: The International Journal of Computer and Telecommunications Networking
Adaptive defense against various network attacks
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
On the effectiveness of distributed worm monitoring
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
An Automated Signature-Based Approach against Polymorphic Internet Worms
IEEE Transactions on Parallel and Distributed Systems
On the trade-off between speed and resiliency of flashworms and similar malcodes
Proceedings of the 2007 ACM workshop on Recurring malcode
Proceedings of the 1st international conference on Bio inspired models of network, information and computing systems
Evaluation of collaborative worm containment on the DETER testbed
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
A model of the spread of randomly scanning Internet worms that saturate access links
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Deterministic and stochastic models for the detection of random constant scanning worms
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Towards self-propagate mal-packets in sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Design and analysis of a multipacket signature detection system
International Journal of Security and Networks
International Journal of Security and Networks
MAISim: mobile agent malware simulator
Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops
Modeling and Simulation for Security Risk Propagation in Critical Information Systems
Computational Intelligence and Security
Peer-to-peer system-based active worm attacks: Modeling, analysis and defense
Computer Communications
Towards controlling virus propagation in information systems with point-to-group information sharing
Decision Support Systems
An approach for classifying internet worms based on temporal behaviors and packet flows
ICIC'07 Proceedings of the intelligent computing 3rd international conference on Advanced intelligent computing theories and applications
Tools for worm experimentation on the DETER testbed
International Journal of Communication Networks and Distributed Systems
Maximum damage malware attack in mobile wireless networks
INFOCOM'10 Proceedings of the 29th conference on Information communications
CPMC: an efficient proximity malware coping scheme in smartphone-based mobile networks
INFOCOM'10 Proceedings of the 29th conference on Information communications
Modeling and containment of search worms targeting web applications
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
On detecting active worms with varying scan rate
Computer Communications
An adversarial evaluation of network signaling and control mechanisms
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Toward a framework for forensic analysis of scanning worms
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Worm propagation modeling and analysis on network
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Adaptive method for monitoring network and early detection of internet worms
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
A SIP-TRW algorithm for DDoS attack detection in SIP environments
Proceedings of the 4th International Conference on Uniquitous Information Management and Communication
Coupled kermack-mckendrick models for randomly scanning and bandwidth-saturating internet worms
QoS-IP'05 Proceedings of the Third international conference on Quality of Service in Multiservice IP Networks
Models and analysis of active worm defense
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
ARCS'10 Proceedings of the 23rd international conference on Architecture of Computing Systems
A probabilistic approach to estimate the damage propagation of cyber attacks
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Pulse quarantine strategy of internet worm propagation: Modeling and analysis
Computers and Electrical Engineering
Security and privacy issues for the network of the future
Security and Communication Networks
Toward early warning against Internet worms based on critical-sized networks
Security and Communication Networks
Maximum damage malware attack in mobile wireless networks
IEEE/ACM Transactions on Networking (TON)
Simulating non-stationary congestion systems using splitting with applications to cyber security
Proceedings of the Winter Simulation Conference
Hi-index | 0.00 |
Due to the fast spreading nature and great damage of Internet worms, it is necessary to implement automatic mitigation, such as dynamic quarantine, on computer networks. Enlightened by the methods used in epidemic disease control in the real world, we present a dynamic quarantine method based on the principle "assume guilty before proven innocent" --- we quarantine a host whenever its behavior looks suspicious by blocking traffic on its anomaly port. Then we will release the quarantine after a short time, even if the host has not been inspected by security staffs yet. We present mathematical analysis of three worm propagation models under this dynamic quarantine method. The analysis shows that the dynamic quarantine can reduce a worm's propagation speed, which can give us precious time to fight against a worm before it is too late. Furthermore, the dynamic quarantine will raise a worm's epidemic threshold, thus it will reduce the chance for a worm to spread out. The simulation results verify our analysis and demonstrate the effectiveness of the dynamic quarantine defense.