Results 1 -
6 of
6
Throttling Viruses: Restricting propagation to defeat malicious mobile code
, 2002
"... Modern computer viruses spread incredibly quickly, far faster than human-mediated responses. This greatly increases the damage that they cause. This paper presents an approach to restricting this high speed propagation automatically. The approach is based on the observation that during virus propaga ..."
Abstract
-
Cited by 214 (6 self)
- Add to MetaCart
(Show Context)
Modern computer viruses spread incredibly quickly, far faster than human-mediated responses. This greatly increases the damage that they cause. This paper presents an approach to restricting this high speed propagation automatically. The approach is based on the observation that during virus propagation, an infected machine will connect to as many different machines as fast as possible. An uninfected machine has a different behaviour: connections are made at a lower rate, and are locally correlated (repeat connections to recently accessed machines are likely).
Design, Implementation and Test of an Email Virus Throttle
- IN 19TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE
, 2003
"... This paper presents an approach to preventing the damage caused by viruses that travel via email. The approach prevents an infected machine spreading the virus further. This directly addresses the two ways that viruses cause damage: less machines spreading the virus will reduce the number of ma ..."
Abstract
-
Cited by 20 (2 self)
- Add to MetaCart
(Show Context)
This paper presents an approach to preventing the damage caused by viruses that travel via email. The approach prevents an infected machine spreading the virus further. This directly addresses the two ways that viruses cause damage: less machines spreading the virus will reduce the number of machines infected and reduce the traffic generated by the virus. The approach
An Epidemiological Model of Virus Spread and Cleanup
, 2003
"... Signature based anti-virus technologies are widely used to fight computer viruses. It is difficult to evaluate such systems because they work in the wild and few companies would be willing to turn them off to be part of a control group! This paper presents a new model of these technologies tha ..."
Abstract
-
Cited by 12 (1 self)
- Add to MetaCart
Signature based anti-virus technologies are widely used to fight computer viruses. It is difficult to evaluate such systems because they work in the wild and few companies would be willing to turn them off to be part of a control group! This paper presents a new model of these technologies that can be used to predict and evaluate their effectiveness. The paper
Abstract Detecting P2P-Controlled Bots on the Host
"... Storm Worm is a trojan that uses a Peer-to-Peer (P2P) protocol as a command and control channel of a botnet, which it forms. These botnets have, for example, been used in Distributed Denial of Service (DDoS) attacks. There have been studies on detecting botnet command and control channels of traditi ..."
Abstract
- Add to MetaCart
(Show Context)
Storm Worm is a trojan that uses a Peer-to-Peer (P2P) protocol as a command and control channel of a botnet, which it forms. These botnets have, for example, been used in Distributed Denial of Service (DDoS) attacks. There have been studies on detecting botnet command and control channels of traditional botnets at host level. This paper investigates if it is possible to apply some of these techniques to detect peer-to-peer botnets.
(Washington, DC) Original Submission
, 2001
"... In this paper, the security threats posed by the use of consumer grade instant messaging clients in the enterprise, including privacy and identity issues, and malware and bug vulnerabilities, are discussed. A course of action to include creation or revision of written security policies, installation ..."
Abstract
- Add to MetaCart
In this paper, the security threats posed by the use of consumer grade instant messaging clients in the enterprise, including privacy and identity issues, and malware and bug vulnerabilities, are discussed. A course of action to include creation or revision of written security policies, installation of antivirus protection at the gateway and on all servers and desktops, determination of requirements for secure instant messaging, and tightening of the company firewall to block consumer grade instant messaging clients is... Copyright SANS Institute
by
, 2008
"... This dissertation, written by Jose Andre Morales, and entitled A Behavior Based Approach to Virus Detection, having been approved in respect to style and intellectual content, is referred to you for judgment. We have read this dissertation and recommend that it be approved. ..."
Abstract
- Add to MetaCart
(Show Context)
This dissertation, written by Jose Andre Morales, and entitled A Behavior Based Approach to Virus Detection, having been approved in respect to style and intellectual content, is referred to you for judgment. We have read this dissertation and recommend that it be approved.