You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Management

Security Management White Papers

Efficient Quarantining of Scanning Worms: Optimal Detection and Coordination

Overview Current generation worms have caused considerable damage, despite their use of unsophisticated scanning strategies for detecting vulnerable hosts. A number of adaptive techniques have been proposed for quarantining hosts whose behaviour is deemed suspicious. Such techniques have been proven to be effective against fast scanning worms. However, worms could evade detection by being less aggressive. This paper considers the interplay between worm strategies and detection techniques, which can be described in game-theoretic terms. The authors use epidemiological modelling to characterise the outcome of the game (the pay-off function), as a function of the strategies of the worm and the detector. This paper designs detection rules that are optimal against scanning worms with known characteristics.

Further White Paper Details
Publisher	Microsoft	File Format	PDF
Date Published	January 2006
Format	White Papers
Topics	Security Management

Did you find this white paper useful? 1 out of 2 users found this white paper useful

Take a holistic approach to business-driven security

Publisher:
IBM

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Web application security: automated scanning versus manual penetration testing

Publisher:
IBM

Virus Alert: Voyager worm hybrid spells trouble

Security Focus has identified a hybrid distributed denial of service (DDoS) tool that features some of the self-propagating techniques previously seen only in worms. The tool is propagated through incorrectly configured Microsoft SQL server systems...

Channel:
Security Strategy

Latest worm threat is spotted early

MessageLabs said the threat alarm policy of its scanning engine, Sceptic, was guided by a number of criteria, including detection frequency and the characteristics of the threat. The company said the attachment was sufficiently different from other...

Channel:
Security Strategy
Tags:
worm

Virus 'double whammy' hits users

Cluley said: "However good an ISP, web email account or antivirus gateway product may be at scanning email, it will be useless at detecting the worm inside the encrypted Zip file. Both worms are mass mailers and show few signs of reinventing the...

Peter Cochrane's Uncommon Sense: The ever-evolving virus

The fight against viruses, worms, Trojan horses and other digital pests may seem futile. Unlike conventional viruses or worms, bots don't blindly roam the internet looking for victims. To my mind it is time to derive and define a 'killer bot...

Ecommerce players put muscle into security

He cautioned that a failure in the federation approach could greatly damage consumer confidence. He noted that consumers usually would not make the effort because they do not have any "skin in the game", since merchants and banks are typically the...

Channel:
WebWatch

HP to hack its customers

HP is to launch a penetration-testing service for businesses in October but has denied reports it will unleash worms on its customers. We're most concerned with 'wormable' vulnerabilities - ones that can be exploited using worms, as they have the...

Featured White Papers

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Security Management White Papers

Efficient Quarantining of Scanning Worms: Optimal Detection and Coordination

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

Europe

United States

Asia Pacific