Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
IEEE Security and Privacy
Modeling the effects of timing parameters on virus propagation
Proceedings of the 2003 ACM workshop on Rapid malcode
Design, Implementation and Test of an Email Virus Throttle
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Dynamic Quarantine of Internet Worms
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Detecting mass-mailing worm infected hosts by mining DNS traffic data
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
binpac: a yacc for writing application protocol parsers
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Leveraging good intentions to reduce unwanted network traffic
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Modeling and Simulation Study of the Propagation and Defense of Internet E-mail Worms
IEEE Transactions on Dependable and Secure Computing
A new worm exploiting IPv4-IPv6 dual-stack networks
Proceedings of the 2007 ACM workshop on Recurring malcode
OpenLIDS: a lightweight intrusion detection system for wireless mesh networks
Proceedings of the 15th annual international conference on Mobile computing and networking
Defending against the propagation of active worms
The Journal of Supercomputing
How to secure your email address book and beyond
CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Cloaking malware with the trusted platform module
SEC'11 Proceedings of the 20th USENIX conference on Security
Empirical analysis of rate limiting mechanisms
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
An email worm vaccine architecture
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Hi-index | 0.00 |
Mass-mailing worms have made a significant impact on the Internet. These worms consume valuable network resources and can also be used as a vehicle for DDoS attacks. In this paper, we analyze network traffic traces collected from a college campus and present an in-depth study on the effects of two mass-mailing worms, SoBig and MyDoom, on outgoing traffic. Rather than proposing a defense strategy, we focus on studying the fundamental behavior and characteristics of these worms. This analysis lends insight into the possibilities and challenges of automatically detecting, suppressing and stopping mass mailing worm propagation in a enterprise network environment.