Show simple item record

dc.contributor.authorAbdelhafez, Mohamed
dc.contributor.authorRiley, George F.
dc.date.accessioned2006-11-14T20:38:41Z
dc.date.available2006-11-14T20:38:41Z
dc.date.issued2005-03
dc.identifier.urihttp://hdl.handle.net/1853/12551
dc.description©2005 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or distribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.en
dc.descriptionPresented at the Third International Workshop on Information Assurance (IWIA), March 2005
dc.description.abstractInternet worm attacks have become increasingly more frequent and have had a major impact on the economy, making the detection and prevention of these attacks a top security concern. Several counter–measures have been proposed and evaluated in recent literature. However, the effect of these proposed defensive mechanisms on legitimate competing traffic has not been analyzed. Clearly, a defensive approach that slows down or stops worm propagation at the expense of completely restricting any legitimate traffic is of little value. Here we perform a comparative analysis of the effectiveness of several of these proposed mechanisms, including a measure of their effect on normal web browsing activities. In addition, we introduce a new defensive approach that can easily be implemented on existing hosts, and which significantly reduces the rate of spread of worms using TCP connections to perform the infiltration. Our approach has no measurable effect on legitimate traffic.en
dc.format.extent180868 bytes
dc.format.mimetypeapplication/pdf
dc.language.isoen_USen
dc.publisherGeorgia Institute of Technologyen
dc.subjectInterneten
dc.subjectInformation retrievalen
dc.subjectInvasive softwareen
dc.titleEvaluation of Worm Containment Algorithms and their Effect on Legitimate Trafficen
dc.typeProceedingsen
dc.contributor.corporatenameGeorgia Institute of Technology. School of Electrical and Computer Engineering
dc.publisher.originalInstitute of Electrical and Electronics Engineers, Inc., New York


Files in this item

Thumbnail

This item appears in the following Collection(s)

  • MANIACS Publications [35]
    Papers, Pre/Post-Prints, and Presentations by Faculty and Students in the MANIACS program.

Show simple item record