WORM vs. WORM

Frank Castaneda, Emre Can Sezer, Jun Xu
2004 Proceedings of the 2004 ACM workshop on Rapid malcode - WORM '04  
Self-propagating computer worms have been terrorizing the Internet for the last several years. With the increasing density, inter-connectivity and bandwidth of the Internet combined with security measures that inadequately scale, worms will continue to plague the Internet community. Existing anti-virus and intrusion detection systems are clearly inadequate to defend against many recent fast-spreading worms. In this paper we explore an active counter-attack methodanti-worms. We propose a method
more » ... hat transforms a malicious worm into an anti-worm which disinfects its original. The method is evaluated using the CodeRed, Blaster and Slammer worms. We show through simulation the effectiveness of an anti-worm with several propagation schemes and its impact on the overall network. We also discuss important limitations of the proposed method.
doi:10.1145/1029618.1029631 dblp:conf/worm/CastanedaSX04 fatcat:v5rrbkoddzavvikibirnym7r6m