Epidemic algorithms for replicated database maintenance
PODC '87 Proceedings of the sixth annual ACM Symposium on Principles of distributed computing
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
IEEE Security and Privacy
Proceedings of the 2004 ACM workshop on Rapid malcode
Preliminary results using scale-down to explore worm dynamics
Proceedings of the 2004 ACM workshop on Rapid malcode
Proceedings of the 4th ACM workshop on Recurring malcode
The impact of stochastic variance on worm propagation and detection
Proceedings of the 4th ACM workshop on Recurring malcode
A new worm exploiting IPv4-IPv6 dual-stack networks
Proceedings of the 2007 ACM workshop on Recurring malcode
Quorum sensing and self-stopping worms
Proceedings of the 2007 ACM workshop on Recurring malcode
Optimal worm-scanning method using vulnerable-host distributions
International Journal of Security and Networks
Spectator: detection and containment of JavaScript worms
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Peer-to-peer system-based active worm attacks: Modeling, analysis and defense
Computer Communications
Accelerating the Propagation of Active Worms by Employing Multiple Target Discovery Techniques
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Behavioural Characterization for Network Anomaly Detection
Transactions on Computational Science IV
Defending against the propagation of active worms
The Journal of Supercomputing
Self-adaptive worms and countermeasures
SSS'06 Proceedings of the 8th international conference on Stabilization, safety, and security of distributed systems
Inside the permutation-scanning worms: propagation modeling and analysis
IEEE/ACM Transactions on Networking (TON)
On detecting active worms with varying scan rate
Computer Communications
Fast and evasive attacks: highlighting the challenges ahead
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Modeling and Defending against Adaptive BitTorrent Worms in Peer-to-Peer Networks
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Hi-index | 0.00 |
Modern network worms spread with tremendous speed-potentially covering the planet in mere seconds. However, for most worms, this prodigious pace continues unabated long after the outbreak's incidence has peaked. Indeed, it is this ongoing infection activity that is typically used to identify compromised hosts. In principle, a stealthier worm might eliminate this telltale sign by coordinating its members to halt infection activity after the vulnerable population is subverted. Thus, after a short initial spreading period all infected hosts could become quiescent "sleep eragents." In this paper, we show that such "self-stopping" capabilities are trivial to add to existing worms, and can be efficiently implemented without any explicit coordination or additional network traffic.