The Mathematics of Infectious Diseases
SIAM Review
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
On computer viral infection and the effect of immunization
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Measuring and Modeling Computer Virus Prevalence
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
IEEE Security and Privacy
Monitoring and early warning for internet worms
Proceedings of the 10th ACM conference on Computer and communications security
Worm propagation modeling and analysis under dynamic quarantine defense
Proceedings of the 2003 ACM workshop on Rapid malcode
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Scalability, fidelity, and containment in the potemkin virtual honeyfarm
Proceedings of the twentieth ACM symposium on Operating systems principles
Spectator: detection and containment of JavaScript worms
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Detecting and blocking P2P botnets through contact tracing chains
International Journal of Internet Protocol Technology
Performance analysis of email systems under three types of attacks
Performance Evaluation
Joint network-host based malware detection using information-theoretic tools
Journal in Computer Virology
An email worm vaccine architecture
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
| Hi-index | 0.00 |
Modern society is highly dependent on the smooth and safe flow of information over communication and computer networks. Computer viruses and worms pose serious threats to the society by disrupting the normal information flow and collecting or destroying information without authorization. Compared to the effectiveness and ease of spreading worms and viruses, currently adopted defense schemes are slow to react and costly to implement. This paper proposes an automated email virus detection and control scheme using attachment chain tracing (ACT) technique. Based on conventional epidemiology, ACT detects virus propagation by identifying the existence of transmission chains in the network. It uses contact tracing to find epidemiological links between hosts. A soft quarantine scheme is proposed to control virus propagation. No virus signature information is needed for detection and quarantine. We also study the effect of delayed, limited immunization on the spread of viruses. We propose a progressive immunization strategy which uses transmission chain information to guide immunization process. Preliminary simulation experiments show that ACT is a promising scheme.