Collaborative internet worm containment

Min Cai; Kai Hwang; Yu Kwong Kwok; Shanshan Song; Yu Chen

doi:10.1109/MSP.2005.63

Collaborative internet worm containment

Min Cai, Kai Hwang, Yu Kwong Kwok, Shanshan Song, Yu Chen

Research output: Contribution to journal › Review article › peer-review

70 Citations (Scopus)

Abstract

Large-scale worm outbrakes that leads to distributed denial-of-dervice attacks pose a major threat to internet infrastructure security. To prevent computers from such attacks deployment of fast, scalable security overlay networks based on distributed hash tables to facilitate high-speed intrusion detection and alert-information exchange are proposed. An effective system for worm detection and cyberspace defence must have robustness, cooperation among multiple sites, responsiveness to unexpected worms and efficiency and scalability. Deployment of collaborative WormShield monitors on just 1 percent of the vulnerable edge networks can detect worm signatures roughly 10 times faster than with independent monitors.

Original language	English
Pages (from-to)	25-33
Number of pages	9
Journal	IEEE Security and Privacy
Volume	3
Issue number	3
DOIs	https://doi.org/10.1109/MSP.2005.63
Publication status	Published - May 2005
Externally published	Yes

Access to Document

10.1109/MSP.2005.63

Cite this

@article{9441f946717441a7a3bdefd61d8d377b,

title = "Collaborative internet worm containment",

abstract = "Large-scale worm outbrakes that leads to distributed denial-of-dervice attacks pose a major threat to internet infrastructure security. To prevent computers from such attacks deployment of fast, scalable security overlay networks based on distributed hash tables to facilitate high-speed intrusion detection and alert-information exchange are proposed. An effective system for worm detection and cyberspace defence must have robustness, cooperation among multiple sites, responsiveness to unexpected worms and efficiency and scalability. Deployment of collaborative WormShield monitors on just 1 percent of the vulnerable edge networks can detect worm signatures roughly 10 times faster than with independent monitors.",

author = "Min Cai and Kai Hwang and Kwok, {Yu Kwong} and Shanshan Song and Yu Chen",

note = "Funding Information: The US National Science Foundation supports this work under ITR grant number ACI-0325409. We thank the GridSec research group at the University of Southern California for helpful discussions that improved this article.",

year = "2005",

month = may,

doi = "10.1109/MSP.2005.63",

language = "English",

volume = "3",

pages = "25--33",

number = "3",

}

TY - JOUR

T1 - Collaborative internet worm containment

AU - Cai, Min

AU - Hwang, Kai

AU - Kwok, Yu Kwong

AU - Song, Shanshan

AU - Chen, Yu

N1 - Funding Information: The US National Science Foundation supports this work under ITR grant number ACI-0325409. We thank the GridSec research group at the University of Southern California for helpful discussions that improved this article.

PY - 2005/5

Y1 - 2005/5

N2 - Large-scale worm outbrakes that leads to distributed denial-of-dervice attacks pose a major threat to internet infrastructure security. To prevent computers from such attacks deployment of fast, scalable security overlay networks based on distributed hash tables to facilitate high-speed intrusion detection and alert-information exchange are proposed. An effective system for worm detection and cyberspace defence must have robustness, cooperation among multiple sites, responsiveness to unexpected worms and efficiency and scalability. Deployment of collaborative WormShield monitors on just 1 percent of the vulnerable edge networks can detect worm signatures roughly 10 times faster than with independent monitors.

AB - Large-scale worm outbrakes that leads to distributed denial-of-dervice attacks pose a major threat to internet infrastructure security. To prevent computers from such attacks deployment of fast, scalable security overlay networks based on distributed hash tables to facilitate high-speed intrusion detection and alert-information exchange are proposed. An effective system for worm detection and cyberspace defence must have robustness, cooperation among multiple sites, responsiveness to unexpected worms and efficiency and scalability. Deployment of collaborative WormShield monitors on just 1 percent of the vulnerable edge networks can detect worm signatures roughly 10 times faster than with independent monitors.

UR - http://www.scopus.com/inward/record.url?scp=20844436808&partnerID=8YFLogxK

U2 - 10.1109/MSP.2005.63

DO - 10.1109/MSP.2005.63

M3 - Review article

AN - SCOPUS:20844436808

SN - 1540-7993

VL - 3

SP - 25

EP - 33

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

IS - 3

ER -

Collaborative internet worm containment

Abstract

Access to Document

Other files and links

Fingerprint

Cite this