[ Pobierz całość w formacie PDF ]

tions to be integrated  as a standard part of routers and ceedings of the USENIX Winter Technical Conference, 17 21
1994.
switches  into the very heart of the network.
[21] D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and
N. Weaver. The Spread of the Sapphire/Slammer Worm. IEEE
Security and Privacy, 1(4), July 2003.
9 Acknowledgements
[22] D. Moore, C. Shannon, and J. Brown. Code-Red: A Case Study
on the Spread and Victims of an Internet Worm. In Proceedings
We would like to thank David Moore, Ramana Kompella
of the ACM Internet Measurement Workshop, Nov. 2002.
and Geoff Voelker for their insightful discussions and
[23] D. Moore, C. Shannon, G. Voelker, and S. Savage. Internet Quar-
antine: Requirements for Containing Self-Propagating Code. In
Colleen Shannon, Jim Madden, Pat Wilson and David
IEEE Proceedings of the INFOCOM, Apr. 2003.
Visick for helping us understand the UCSD network. Fi-
[24] D. Moore, C. Shannon, G. Voelker, and S. Savage. Network
Telescopes. Technical Report CS2004-0795, CSE Department,
nally, we would like to thank both the anonymous re-
UCSD, July 2004.
viewers and our shepherd, David Wagner, for their con-
[25] D. Moore, G. M. Voelker, and S. Savage. Inferring Internet
Denial-of-Service Activity. In Proceedings of the USENIX Se-
structive comments and suggestions. Support for this
curity Symposium, Aug. 2001.
work was provided by NIST Grant 60NANB1D0118 and
[26] C. Morrow. BlackHole Route Server and Tracking Traffic on an
IP Network. http://www.secsup.org/Tracking/.
NSF Grant 0137102.
[27] A. Muthitacharoen, B. Chen, and D. Mazieres. A Low-bandwidth
Network File System. In Proceedings of the ACM SOSP Confer-
References
ence, Oct. 2001.
[1] Snort: Open source network intrusion detection system. [28] Network Associates Inc. McAfee Entercept Standard Edition.
www.snort.org, 2002. Product Datasheet.
[2] Carey Nachenberg. Method to analyze a program for presence [29] V. Paxson. Bro: a System for Detecting Network Intruders in
of computer viruses by examining the opcode for faults before Real-time. In Proceedings of the USENIX Security Symposium,
emulating instruction in emulator. U.S. Patent 5,964,889, Oct. Jan. 1998.
1999. [30] T. H. Ptacek and T. N. Newsham. Insertion, Evasion and Denial-
[3] Cisco Systems, Inc. Cisco Security Agent ROI: Deploying In- of-Service: Eluding Network Intrusion Detection. Technical re-
trusion Protection Agents on the Endpoint. Cisco Technical port, Secure Networks Inc., Jan. 1998.
Whitepaper. [31] J. C. Rabek, R. I. Khazan, S. M. Lewandowski, and R. K. Cun-
[4] F. Cohen. Computer Viruses  Theory and Experiments. In ningham. Detection of Injected, Dynamically Generated, and
Proceedings of the 7th DoD/NBS Computer Security Conference, Obfuscated Malicious Code. In Proceedings of the 2003 ACM
Sept. 1984. Workshop on Rapid Malcode, Oct. 2003.
[5] F. Cohen. Computer Viruses  Theory and Experiments. Com- [32] M. O. Rabin. Fingerprinting by Random Polynomials. Techni-
puters and Security, 6:22 35, 1987. cal Report 15-81, Center for Research in Computing Technology,
[6] Colleen Shannon and David Moore. The Spread of the Witty Harvard University, 1981.
Worm. IEEE Security and Privacy, 2(4), July 2004. [33] J. Rochlis and M. Eichin. With Microscope and Tweezers: The
[7] N. Duffield and M. Grossglauser. Trajectory sampling for direct Worm from MIT s Perspective. Communications of the ACM,
traffic observation. In Proceedings of the ACM SIGCOMM Con- 32(6):689 698, June 1989.
ference, Aug. 2000. [34] S. Singh, C. Estan, G. Varghese, and S. Savage. Real-time Detec-
[8] M. Erbschloe. Computer Economics VP Research Statement to tion of Known and Unknown Worms. Technical Report CS2003-
Reuters News Service, Nov. 2001. 0745, CSE Department, UCSD, May 2003.
[9] C. Estan, S. Savage, and G. Varghese. Automatically Inferring [35] S. Singh, C. Estan, G. Varghese, and S. Savage. The EarlyBird
Patterns of Resource Consumption in Network Traffic. In Pro- System for Real-time Detection of Unknown Worms. Technical
ceedings of the ACM SIGCOMM Conference, Aug. 2003. Report CS2003-0761, CSE Department, UCSD, Aug. 2003. [ Pobierz całość w formacie PDF ]

  • zanotowane.pl
  • doc.pisz.pl
  • pdf.pisz.pl
  • anielska.pev.pl