You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

A Distributed Host-Based Worm Detection System

Tags:
network security

Overview This paper present a method for detecting large-scale worm attacks using only end-host detectors. These detectors propagate and aggregate alerts to cooperating partners to detect large-scale distributed attacks in progress. The properties of the host-based detectors may in fact be relatively poor in isolation but when taken collectively result in a high-quality distributed worm detector. A cooperative alert sharing protocol coupled with distributed sequential hypothesis testing is implemented to generate global alarms about distributed attacks. The system's response is evaluated in the presence of a variety of false alarm conditions and in the presence of an Internet worm attack. This evaluation is conducted with agents on the Emulab and DETER emulated testbeds using real operating systems and computing platforms.

Further White Paper Details
Publisher	Association for Computing Machinery	File Format	PDF
Date Published	September 2006
Format	White Papers
Topics	Network Security, Security Tools

Did you find this white paper useful? 5 out of 9 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

County Government Increases the Security of Its Network

Publisher:
Microsoft

Will Windows eXPerience bring DoS disaster?

A DDoS attack requires a network intruder to break into a host of internet connected machines and then direct data packets from those various sources to a computer in their millions. Security experts are urging Microsoft to drop a user feature...

Channel:
Comment & Analysis

Windows worm now spreading

It will also add a registry key to ensure that the worm is restarted when the host computer is rebooted. The worm attacks Windows computers via a hole in the operating system, an issue Microsoft on 16 July had warned about.

New Windows virus outbreak just a matter of days

A virus or worm that exploits newly revealed vulnerabilities in the current versions of Windows could emerge fairly soon, security experts say, in part because the vulnerabilities are very similar to the flaws exploited by the MSBlast worm.

Devil's Advocate: Bounty hunters

Many worm-like programs were written prior to a famous 1988 work that practically shut down the internet. Martin Brampton says the Sobig worm is best viewed as part of a long line of trouble-making? The colourfully named vampire worm wandered...

Channel:
Security Strategy

3,300 new viruses hit computers

This month, TrendLabs declared two global Yellow Alerts, both worm-related, for Bagle.ac and Ratos.a. Another possible motive is to build a dormant "dark" network that could be used in the future to perform a large-scale attack against one or more...

Channel:
Malware

Government issues MySpool alert

The company said that aside from spreading across the internet, the worm also attempts to create a collective network which would allow remote hackers to launch a distributed denial-of-service attack from infected computers.

Channel:
Malware
Tags:
sans,
myspooler,
niscc

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

A Distributed Host-Based Worm Detection System

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific