Title :
Defending against Internet worm-like infestations
Author :
Lai, Shou-Chuan ; Kuo, Wen-Chu ; Hsieh, Mu-Cheng
Author_Institution :
Comput. & Commun. Center, Nat. Tsing Hua Univ., Hsinchu, Taiwan
Abstract :
The easy access and wide usage of the Internet make it more convenient for technical research and information exchange. However, malicious codes, such as Code Red, Nimda, SQL Slammer and W32/Blaster, also occur more frequently and severely than ever. These self-propagating malicious codes can invade network and paralyze normal network operation. These Internet worms could, in a very short time, cause great damage to network and information infrastructure. Therefore, Internet worms have become vital threats to network and security management. In this paper, we present a proactive responding scheme to deal with Internet worms. Based on this scheme, we designed and implemented a pro-active defending system against Internet worms. This proactive defending system will monitor network traffic, detect hosts with abnormal network behavior and isolate these hosts from the managed network. The results show that it can efficiently mitigate the impact caused by Internet worms and stop the wide-spreading of Internet worms.
Keywords :
Internet; invasive software; system monitoring; telecommunication security; telecommunication traffic; Code Red; Internet worms; Nimda; SQL Slammer; W32/Blaster; information exchange; malicious codes; network invasion; network operation; network paralysis; network security; network traffic monitoring; security management; worm infestations; Computer science; Computer worms; Control engineering; IP networks; Information security; Internet; Military computing; Monitoring; Software prototyping; Telecommunication traffic;
Conference_Titel :
Advanced Information Networking and Applications, 2004. AINA 2004. 18th International Conference on
Print_ISBN :
0-7695-2051-0
DOI :
10.1109/AINA.2004.1283903
