See this document in CiteSeerX!

Polymorphic Worm Detection Using Structural Information of Executables (2005)  (Make Corrections)  (3 citations)
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, Giovanni Vigna



  Home/Search   Context   Related

 
View or download:
auto.tuwien.ac.at/...aid05_polyworm.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  auto.tuwien.ac.at/...publications (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Network worms are malicious programs that spread automatically across networks by exploiting vulnerabilities that a#ect a large number of hosts. Because of the speed at which worms spread to large computer populations, countermeasures based on human reaction time are not feasible. Therefore, recent research has focused on devising new techniques to detect and contain network worms without the need of human supervision. In particular, a number of approaches have been proposed to... (Update)

Cited by:   More
Unknown - (2006)   (Correct)
c) 2003 IEEE. Personal use of this material is permitted. .. - Reprint Republish This (2006)   (Correct)
Behavioral and Structural Properties of Malicious Code - Kruegel (2005)   (Correct)

Active bibliography (related documents):   More   All
0.6:   Experiences Using Minos as A Tool for Capturing and.. - Crandall, Wu, Chong   (Correct)
0.5:   Scalability, Fidelity, and Containment in the.. - Vrable, Ma, Chen, .. (2005)   (Correct)
0.5:   Vigilante: End-to-End Containment of Internet Worms - Costa, Crowcroft, Castro.. (2005)   (Correct)

Similar documents based on text:
5.0:   Unknown -   (Correct)

Related documents from co-citation:   More   All
2:   Compilers: Principles (context) - Aho, Sethi et al. - 1986
2:   Semantics-Aware Malware Detection (context) - Christodorescu, Jha et al. - 2005
2:   Computer Virus--Antivirus Coevolution (context) - Nachenberg - 1997

BibTeX entry:   (Update)

C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Polymorphic Worm Detection Using Structural Information of Executables. In 8th International Symposium on Recent Advances in Intrusion Detection (RAID), 2005. http://citeseer.ist.psu.edu/kruegel05polymorphic.html   More

@misc{ kruegel05polymorphic,
  author = "C. Kruegel and E. Kirda and D. Mutz and W. Robertson and G. Vigna",
  title = "Polymorphic Worm Detection Using Structural Information of Executables",
  text = "C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Polymorphic
    Worm Detection Using Structural Information of Executables. In 8th International
    Symposium on Recent Advances in Intrusion Detection (RAID), 2005.",
  year = "2005",
  url = "citeseer.ist.psu.edu/kruegel05polymorphic.html" }
Citations (may not include all citations):
140   Snort - Lightweight Intrusion Detection for Networks (context) - Roesch - 1999
123   Bro: A System for Detecting Network Intruders in Real-Time - Paxson - 1998
74   Internet Quarantine: Requirements for Containing Self-Propag.. - Moore, Shannon et al. - 2003
69   How to 0wn the Internet in Your Spare Time - Staniford, Paxson et al. - 2002
61   Throttling Viruses: Restricting Propagation to Defeat Malici.. - Williamson - 2002
56   Practical graph isomorphism (context) - McKay - 1981
35   Implementing Discrete Mathematics: Combinatorics and Graph T.. (context) - Skiena - 1990
29   Distributed Worm Signature Detection (context) - Kim, Karp et al. - 2004
26   Canonical Labeling of Graphs (context) - annd, Luks - 1983
25   A Taxonomy of Computer Worms - Weaver, Paxson et al. - 2003
23   Automated Worm Fingerprinting - Singh, Estan et al. - 2004
22   Very Fast Containment of Scanning Worms (context) - Weaver, Staniford et al. - 2004
16   Honeycomb - Creating Intrusion Detection Signatures Using Ho.. - Kreibich, Crowcroft - 2003
11   Obfuscation of Executable Code to Improve Resistance to Stat.. - Linn, Debray - 2003
8   Polygraph: Automatically Generating Signatures for Polymorph.. (context) - Newsome, Karp et al. - 2005
8   HoneyStat: Local Worm Detection Using Honeypots (context) - Dagon, Qin et al. - 2004
8   Using Sensor Networks and Data Fusion for Early Detection (context) - Berk, Gray et al. - 2003
5   The Top Speed of Flash Worms - Staniford, Moore et al. - 2004
4   The Internet Motion Sensor: A Distributed Blackhole Monitori.. (context) - Bailey, Cooke et al. - 2005
4   New Streaming Algorithms for Fast Detection of Superspreader.. - Venkataraman, Song et al. - 2005
2   Center for Research in Computing Techonology (context) - Rabin, Random et al. - 1981
2   Advanced Polymorphic Worms: Evading IDS by Blending in with .. - Kolesnikov, Lee - 2004
1   Static Analysis of Obfuscated Binaries (context) - Kruegel, Valeur et al. - 2004
1   DNS-based Detection of Scanning WormsinanEnterpriseNetwork (context) - Whyte, Kranakis et al. - 2005
http://www.phrack.org/show.php?
http://cs.anu.edu.au/~bdm/
http://www.ktwo.ca/

Documents on the same site (http://www.auto.tuwien.ac.at/~chris/research/publications.html):   More
Protecting Users against Phishing Attacks - Kirda, Kruegel (2005)   (Correct)
Connection-History Based Anomaly Detection - Toth, Krügel (2002)   (Correct)
Noxes: A Client-Side Solution for Mitigating.. - Kirda, Kruegel.. (2006)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC