Kurt Rohloff BBN Technologies 10 Moulton St. Cambridge, MA, 02138, USA...  Home/Search
Context
Related
| columbia.edu/~ange...worm11rohloff.pdf Cached: PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
PS.gz PS Image Update HelpFrom: columbia.edu/~angelos...wormprog (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: This paper discusses the problem of automatically detecting the existence of Random Constant Scanning (RCS) worm epidemics on the Internet by observing packet tra#c in a local network. The propagation of the RCS worm is modelled as a simple epidemic. An optimal hypothesis-testing approach is presented to detect simple epidemics under idealized conditions based on the cumulative sums of log-likelihood ratios. It is shown that there are limitations on the ability of this optimal method to detect ... (Update)
Active bibliography (related documents): More All
0.5: An Epidemic Model for Information Diffusion in MANETs - Khelil, Becker, Tian.. (2002) (Correct)
0.2: Adaptive Defense Against Various Network Attacks - Cliff Zou Nick (Correct)
0.2: The Limits of Global Scanning Worm Detectors - In The Presence (Correct)
Similar documents based on text:
0.0: Unknown - (Correct)
BibTeX entry: (Update)
@misc{ bbn-detection,
author = "Kurt Rohloff Bbn",
title = "The Detection of RCS Worm Epidemics",
url = "citeseer.ist.psu.edu/742634.html" }
Citations (may not include all citations):199 An Introduction to Signal Detection and Estimation (context) - Poor - 1994
129 Detection of Abrupt Changes: Theory and Applications - Basseville, Nikiforov - 1993
81 Sequential Analysis (context) - Wald - 1947
74 Code-red: A case study on the spread and victims of an Inter.. - Moore, Shannon et al. - 2002
69 How to 0wn the Internet in your spare time - Staniford, Paxson et al. - 2002
36 IEEE Security and Privacy (context) - Moore, Paxson et al. - 2003
30 Monitoring and early warning for Internet worms - Zou, Gao et al. - 2003
23 Fast portscan detection using sequential hypothesis testing - Jung, Paxson et al. - 2004
22 Very fast containment of scanning worms (context) - Weaver, Staniford et al. - 2004
20 The mathematics of infectious diseases (context) - Hethcote - 2000
11 Characteristics of Internet background radiation - Pang, Yegneswaran et al. - 2004
9 Epidemic Modelling: An Introduction (context) - Daley, Gani - 1999
9 Fast detection of scanning worm infections - Schechter, Jung et al. - 2004
8 Stochastic Epidemic Models and Their Statistical Analysis (context) - Andersson, Britton - 2000
2 Mathematical Models in Population Biology and Epidemiology (context) - Brauer, Castillo-Chavez - 2001
1 Stochastic behavior of random constant scanning worms (context) - Rohlo, Basar - 2005
Documents on the same site (http://www1.cs.columbia.edu/~angelos/worm05/worm-prog.html): More
Defending against Hitlist Worms using Network Address - Space Randomization Antonatos (Correct)
On the Effectiveness of Automatic Patching - Vojnovic, Ganesh (Correct)
A Self-Learning Worm Using Importance Scanning - Zesheng Chen Georgia (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC