New Multi-step Worm Attack Model

Authors

  • Y. Robiah
  • S. Siti Rahayu
  • S. Shahrin
  • M. A. Faizal
  • M. Mohd Zaki
  • R. Marliza
Abstract

Traditional worms such as Blaster, Code Red, Slammer and Sasser are still infecting vulnerable machines on the internet. They will remain significant threats due to their fast-spreading nature on the internet. The attack patterns of various traditional worms have been analyzed from logs at different OSI layers, such as victim logs, attacker logs and IDS alert logs. These attack patterns can be abstracted to form a worm attack model which describes the process of worm infection. For the purpose of this paper, only Blaster variants were used during the experiment. This paper proposes a multi-step worm attack model which can be extended into research areas in alert correlation and computer forensic investigation.


Similar resources

Research on Constructing an Internet-based Multi-step Security System

Due to the side effects of the increasing Internet population and the proliferation of new cyberspace culture on the current Internet culture, this research seeks to construct a multi-step security system as a counter measure. This multi-step security system utilizes the existing legacy security solution firewall, intrusion detection system, and intrusion prevention system and virus wall to pro...


Scenario Based Worm Trace Pattern Identification Technique

The number of malware variants is growing tremendously and the study of malware attacks on the Internet is still a demanding research domain. In this research, various logs from different OSI layers are explored to identify the traces left on the attacker and victim logs, and the attack worm trace patterns are established in order to reveal the true attacker or victim. For the purpose of this paper, it...


A Stochastic Model for the Size of Worm Origin

Computer worms have infected millions of computers since 1980s. For an incident handler or a forensic investigator, it is important to know whether the worm attack to the network has been initiated from multiple different sources or just from one node. In this paper, we study the problem of predicting the number of infectious nodes at each step of worm propagation, when the spread of a homogene...


Survivality Modeling for Quantitative Security Assessment in Ubiquitous Computing Systems

Ubiquitous computing is about networked processors, which is constructed not only with one computer but with networks of computers. Security solutions usually lack a clear definition of survivality. Thus, this paper deals with a method of quantitatively assessing the system security based on the survivality. Since a logical step towards modeling survivality is to have a set of requirements firs...


A new multi-step ABS model to solve full row rank linear systems

ABS methods are direct iterative methods for solving linear systems of equations, where the i-th iteration satisfies the first i equations. Thus, a system of m equations is solved in at most m ABS iterates. In 2004 and 2007, two-step ABS methods were introduced in at most [((m+1))/2] steps to solve full row rank linear systems of equations. These methods consuming less space, are more compress ...



Journal title:
  • CoRR

Volume abs/1001.3477  Issue

Pages  -

Publication date 2010