E. H. Spafford. An analysis of the Internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446-- 468, Sept. 1989. Issued as #87 in the Lecture Notes in Computer Science series.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....attacker to gain control of a million Internet hosts, or perhaps even ten million. The highway to such control lies in the exploitation of worms: programs that self propagate across the Internet by exploiting security flaws in widely used services. Internet scale worms are not a new phenomenon [Sp89, ER89], but the severity of their threat has rapidly grown with (i) the increasing degree to which the In We distinguish between the worms discussed in this paper active worms and viruses (or email worms) in that the latter require some sort of user action to abet their propagation. As such, ....

....Indeed, it appears that Code Red II took a while to overcome Code Red I (see Figure 1) but fully determining the interplay between the two appears to be a significant undertaking. 3. 2 Multi vector worms Nimda As well illustrated by the Nimda worm virus (and, indeed, the original Internet Worm [Sp89, ER89]) malevolent code is not restricted to a single technique. Nimda began on September 18th, 2001, spread very rapidly, and maintained itself on the Internet for months after it started. Nimda spread extensively behind firewalls, and illustrates the ferocity and wide reach that a multi mode worm can ....

[Article contains additional citation context not shown here]

Eugene Spafford, "An Analysis of the Internet Worm," Proc. European Software Engineering Conference, pp. 446--468, Sep. 1989. Lecture Notes in Computer Science #387, Springer-Verlag.

No context found.

E. H. Spafford. An analysis of the Internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446-- 468, Sept. 1989. Issued as #87 in the Lecture Notes in Computer Science series.

No context found.

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, number 387 in Lecture Notes in Computer Science, pages 446--468. Springer-Verlag, September 1989. Also available as http://www.cs.purdue.edu/homes/spaf/tech-reps/933.ps.

....depend. Commercial software vendors are still writing and releasing software needing patches for bugs that were well known as security problems over 20 years ago 4 Even when highly publicized problems occur, such as the buffer overflow problem exploited by the 1988 Morris Internet Worm [10, 11], or the year 2000 date problem, those same software faults continue to be incorporated into new operating systems and applications. Systems continue to be built using techniques known to be unsafe. Why aren t these problems avoided Why is it that our students do not learn better security ....

....has already made progress in each of these areas. The following text details a few significant results. Since 1987, COAST faculty and students have been exploring issues in practical computer security. Their work has included widely cited work in analysis of malicious code including viruses (e.g. [11, 10, 12, 13, 14]) In 1991, COAST director Gene Spafford coauthored the award winning book Practical UNIX and Internet Security[17] now considered the standard reference in the field. He has also been involved in work on static audit and analysis tools. An initial result of this work was the COPS[5] security ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, number 387 in Lecture Notes in Computer Science, pages 446--468. Springer-Verlag, September 1989. Also available as http://www.cs.purdue.edu/homes/spaf/tech-reps/933.ps.

....the community at large. Significantly, COAST has already made progress in each of these areas. Since 1987, Professor Spafford and his students have been exploring issues in practical computer security. Their work has included widely cited work in analysis of malicious code including viruses (e.g. [30, 29, 33, 34, 35]) In 1991, Spaf coauthored the award winning book Practical UNIX Security[13] now considered the standard reference in the field. He has also been involved in work on static audit and analysis tools. An initial result of this work was the COPS[12] security audit tool for UNIX systems, used ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, number 387 in Lecture Notes in Computer Science, pages 446--468. Springer-Verlag, September 1989. Also available as http://www.cs.purdue.edu/homes/spaf/tech-reps/933.ps.

....and an author who is familiar not only with the network services and facilities, but also with the operating facilities required to support them once they have reached the machine. The Internet worm incident of November, 1988 clogged machines and networks as it spread, and is an example of a worm. [9, 8] Worms have also appeared in other science fiction literature. Recent cyberpunk novels such as Neuromancer by William Gibson [4] refer to worms by the term virus. The media has also often referred incorrectly to worms as viruses. This paper focuses only on viruses as defined here. Many of the ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446--468. Springer-Verlag, September 1989.

....in more fully examining the security implications of their areas, provided that outside interest warrants it. Since 1987, Professor Spafford has been exploring issues in practical computer security. His work has included widely cited work in analysis of malicious code such as viruses (e.g. [27, 26, 28, 31, 32]) In 1991, he coauthored the award winning book Practical UNIX Security [13] now considered the standard reference in the field. He has also been involved in work on static audit and analysis tools. An initial result of this work was the COPS[12] security audit tool for UNIX systems, used ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, number 387 in Lecture Notes in Computer Science, pages 446--468. Springer-Verlag, September 1989.

....is to explore how to increase confidence in existing systems in a cost effective and user friendly manner. At Purdue over the last five years, I have been exploring issues in practical computer security. My work has included widely cited work in analysis of malicious code such as viruses (e.g. [22, 23, 26, 27]) In 1991, I coauthored the award winning book Practical UNIX Security [11] now considered the standard reference in the field. I have also been involved in work on static audit and analysis tools. An initial result of this work was the COPS [10] security audit tool for UNIX systems, used ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446--468. Springer-Verlag, September 1989.

....such as a life critical emergency. The article also discusses why no break in is harmless. 1 Introduction On November 2, 1988, a program was run on the Internet that replicated itself on thousands of machines, often loading them to the point where they were unable to process normal requests. [1, 2, 3] This Internet Worm program was stopped in a matter of hours, but the controversy engendered by its release has raged for a year and a half. Other recent incidents, such as the wily hackers 1 tracked by Cliff Stoll [4] the Legion of Doom members To appear in a special issue of The ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446--468. Springer-Verlag, September 1989.

....example of a damaging worm program. 26, 27, 22] The Worm clogged machines and networks as it spread out of control, replicating on thousands of machines around the Internet. Some authors (e.g. 7] labeled the Internet Worm as a virus, but those arguments are not convincing (cf. the discussion in [25]) Most people working with self replicating code now accept the Worm as a form of software distinct from computer viruses. Few computer worms have been written in the time since then, especially worms that have caused damage, because they are not easy to write. Worms require a network environment ....

Eugene H. Spafford. An analysis of the internet worm. In C. Ghezzi and J. A. McDermid, editors, Proceedings of the 2nd European Software Engineering Conference, pages 446--468. Springer-Verlag, September 1989.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC