Defense and Detection Strategies against Internet Worms by Jose Nazario


This is the first book focused exclusively on Internet worms, offering you solid worm detection and mitigation strategies for your work in the field. This ground-breaking volume enables you to put rising worm trends into perspective with practical information on detection and defense techniques, using data from live networks, real IP addresses, and commercial tools. The book helps you understand the classifications and groupings of worms, and gives a deeper understanding of how they threaten network and system security.

After examining how a worm is constructed and how its major life cycle steps are implemented, the book scrutinizes targets that worms have attacked over the years, and the likely targets of the immediate future. In addition, this unique reference explains how to detect worms using a variety of mechanisms, and evaluates the strengths and weaknesses of three approaches: traffic analysis, honeypots and dark network monitors, and signature analysis. The book concludes with a discussion of four effective defenses against network worms, including host-based defenses, network firewalls and filters, application layer proxies, and a direct attack on the worm network itself.


Extra info for Defense and Detection Strategies against Internet Worms

Example text

4] CERT Coordination Center, “Widespread Compromises via ‘Ramen’ Toolkit,” CERT Incident Note IN-2001-01, 2001. htmls.

4 Conclusions

Because of its continual growth and typical repetitive nature, worm traffic can be readily characterized. Although it is relatively easy to build a signature for a detection engine, typically used on a network intrusion detection system (NIDS) and discussed in Chapter 11, a more flexible approach is to look at traffic characteristics and monitor their trends.

They require careful consideration of network design and security implementations, along with an aggressive strategy for defense on all fronts.

4 The persistent costs of worms

Often discussed but rarely investigated are the financial costs associated with the continual presence of worms on the Internet. Worms by their very nature continue to work long after their introduction. Similar to the scenario faced by populations battling diseases and plagues, worms can be almost impossible to eliminate until long after the targets are removed from the Internet.

Passive reconnaissance has the advantage of keeping monitoring hosts nearly totally silent from detection.

Code Red and Ramen, which actively scan large chunks of the Internet looking for vulnerable hosts.

4 Taking control: attack

The worm’s attack components are their most visible and prevalent element. This is the means by which worm systems gain entry on remote systems and begin their infection cycle. These methods can include the standard remote exploits, such as buffer overflows, cgi-bin errors, or similar, or they can include Trojan horse methods.
