Worm

 

Report

 

CAIDA Analysis of Code-Red

http://www.caida.org/analysis/security/code-red/   

http://www.caida.org/analysis/security/code-red/coderedv2_analysis.xml

 

CAIDA Dynamic Graphs of the Nimda worm      

http://www.caida.org/dynamic/analysis/security/nimda/

 

CAIDA -- Recent Internet Worms: Who Are the Victims, and How Good Are We at Getting the Word Out?

http://www.nanog.org/mtg-0110/moore.html

 

CERT® Advisory CA-2001-23 Continued Threat of the "Code Red" Worm

http://www.cert.org/advisories/CA-2001-23.html

 

CERT® Advisory CA-2001-26 Nimda Worm

http://www.cert.org/advisories/CA-2001-26.html

 

SecurityFocus -- Code Red II Worm

http://aris.securityfocus.com/alerts/codered2/010805-Analysis-CodeRedII.pdf

 

SecurityFocus -- Nimda Worm Analysis

http://aris.securityfocus.com/alerts/nimda/010919-Analysis-Nimda.pdf

 

Incidents.org -- NIMDA Worm/Virus Report

http://www.incidents.org/react/nimda.pdf

 

Arbor Network -- A Snapshot of Global Worm Activity

http://research.arbor.net/standard?tid=29&cid=19

 

Renesys.com -- Global Routing Instabilities during Code Red II and Nimda Worm Propagation

http://www.renesys.com/projects/bgp_instability/

 

Crimelabs Security Group -- The Future of Internet Worms

http://www.crimelabs.net/docs/

 

IBM Thomas J. Watson Research Center -- Open Problems in Computer Virus Research

http://www.research.ibm.com/antivirus/SciPapers/White/Problems/Problems.html

 

Modeling

 

Nicholas C Weaver -- Warhol Worms: The Potential for Very Fast Internet Plagues

http://www.cs.berkeley.edu/~nweaver/warhol.html 

http://www.cs.berkeley.edu/~nweaver/worms.pdf (Potential Strategies for High Speed Active Worms: A Worst Case Analysis)

http://www.cs.berkeley.edu/~nweaver/cdc.web/ (How to 0wn the Internet in Your Spare Time)

 

IBM Research Projects Antivirus Research

http://www.research.ibm.com/antivirus/index.htm

 

Virgina -- Virus & Worm Propagation Studies

http://www.cs.virginia.edu/~survive/research/virus.html

 

Silicon Defense -- Code Red Analysis pages (Stuart Staniford)     

http://www.silicondefense.com/cr/

http://www.silicondefense.com/flash/ (Flash Worms: Thirty Seconds to Infect the Internet)

 

Research of Changchun Zou

http://tennis.ecs.umass.edu/~czou/research.htm

 

          William M. Spears -- Models of Viral Epidemiology

                    http://www.cs.uwyo.edu/~wspears/virus.html

 

          Romualdo Pastor-Satorras -- Epidemics and immunization in scale-free networks

                    http://complex.upc.es/~romu/paperlist2.html

         

          DIMACS Working Group

                        http://dimacs.rutgers.edu/Workshops/Analogies/announcement.html

 

          Michael Liljenstam -- A Mixed Abstraction Level Simulation Model of Large-Scale Internet Worm Infestations

                    http://www.cs.dartmouth.edu/~mili/publs_by_area.html#Worms

 

Detection

           

Hack Busters -- LaBrea --The Tarpit

http://www.hackbusters.net/LaBrea/

 

NANOG -- Practical Approaches to Dealing with DDoS Attacks

http://www.nanog.org/mtg-0105/poletto.html

 

Haining Wang -- Detecting SYN Flooding Attacks

http://www.eecs.umich.edu/~hxw/paper/attack.pdf

 

Michèle Basseville -- Detection of Abrupt Changes - Theory and Application

http://www.irisa.fr/sigma2/kniga/

 

MIT Lincoln Laboratory -- DARPA Intrusion Detection Evaluation

http://www.ll.mit.edu/IST/ideval/index.html

 

RAID -- International Symposium on Recent Advances in Intrusion Detection

http://www.raid-symposium.org/

 

Randomness

http://www.cs.berkeley.edu/~daw/rnd/

 

News

 

SecurityFocus

                        http://www.securityfocus.com

           

CERT Coordination Center

http://www.cert.org/

 

Incidents.org

http://www.incidents.org/

 

Phrack.org

http://www.phrack.org/

 

WORMALERT

http://www.wormalert.org/

 

Distributed.net

http://www.distributed.net/

 

Security Reponse

http://www.sarc.com

 

Vmyths.com

http://www.vmyths.com/

 

MSN Messenger Worm Marks Troubling Trend

http://www.newsfactor.com/perl/story/16355.html

 

Others

 

Physical Review Letters

http://prl.aps.org/

 

Data Network Security Information

http://mathlab.usc.edu/~bohacek/InfoSys/DNSInfo.html

 

Research/White Papers

http://members.tripod.com/~k_wismer/papers.htm

 

AVIEN.ORG

http://avien.org/

 

John D. Howard -- An Analysis Of Security Incidents On The Internet 1989 - 1995

http://www.cert.org/research/JHThesis/Start.html

 

Internet Domain Survey

http://www.isc.org/ds/

 

Crypt Newsletter

http://sun.soci.niu.edu/~crypt/

 

Stefan Savage

http://www-cse.ucsd.edu/~savage/

 

UCSD -- Epidemiological Protocols

http://www-cse.ucsd.edu/~marzullo/gossip.htm

 

Fred Cohen &Associates

http://all.net

 

VIRUS RESEARCH UNIT

http://www.uta.fi/laitokset/virus/

 

F-Secure, Securing the Mobile Enterprise

http://www.datafellows.com/

 

VBS Worm Generator

http://vx.netlux.org/dat/tv07.shtml

 

New Order -- the computer & networking security portal

http://neworder.box.sk/

 

 

Go back to Multimedia Networking & Internet Lab

Any comments or suggestion, please contact: zchen@ecs.umass.edu