New Multi-step Worm Attack Model
The traditional worms such as Blaster, Code Red, Slammer and Sasser, are still infecting vulnerable machines on the internet. They will remain as significant threats due to their fast spreading nature on the internet. Various traditional worms attack pattern has been analyzed from various logs at d...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Journal of Computing
2010
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/63/1/1001.3477.pdf http://eprints.utem.edu.my/id/eprint/63/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832715928909905920 |
|---|---|
| author | Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Mas'ud, M. Z. Ramly, M. |
| author_facet | Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Mas'ud, M. Z. Ramly, M. |
| author_sort | Yusof, R. |
| building | UTEM Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknikal Malaysia Melaka |
| content_source | UTEM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | The traditional worms such as Blaster, Code Red, Slammer and Sasser, are still infecting vulnerable machines on
the internet. They will remain as significant threats due to their fast spreading nature on the internet. Various traditional worms attack pattern has been analyzed from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack pattern can be abstracted to form worms’ attack model which describes the process of worms’ infection. For the purpose of this paper, only Blaster variants were used during the experiment. This paper proposes a multi-step worm attack model which can be extended into research areas in alert correlation and computer forensic investigation. |
| format | Article |
| id | my.utem.eprints-63 |
| institution | Universiti Teknikal Malaysia Melaka |
| language | en |
| publishDate | 2010 |
| publisher | Journal of Computing |
| record_format | eprints |
| spelling | my.utem.eprints-632021-09-19T17:12:12Z http://eprints.utem.edu.my/id/eprint/63/ New Multi-step Worm Attack Model Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Mas'ud, M. Z. Ramly, M. Q Science (General) The traditional worms such as Blaster, Code Red, Slammer and Sasser, are still infecting vulnerable machines on the internet. They will remain as significant threats due to their fast spreading nature on the internet. Various traditional worms attack pattern has been analyzed from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack pattern can be abstracted to form worms’ attack model which describes the process of worms’ infection. For the purpose of this paper, only Blaster variants were used during the experiment. This paper proposes a multi-step worm attack model which can be extended into research areas in alert correlation and computer forensic investigation. Journal of Computing 2010-01 Article PeerReviewed text en http://eprints.utem.edu.my/id/eprint/63/1/1001.3477.pdf Yusof, R. and Selamat, S. R. and Sahib, S. and Abdollah, M. F. and Mas'ud, M. Z. and Ramly, M. (2010) New Multi-step Worm Attack Model. Journal of Computing, 2 (1). pp. 1-7. ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ |
| spellingShingle | Q Science (General) Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Mas'ud, M. Z. Ramly, M. New Multi-step Worm Attack Model |
| title | New Multi-step Worm Attack Model |
| title_full | New Multi-step Worm Attack Model |
| title_fullStr | New Multi-step Worm Attack Model |
| title_full_unstemmed | New Multi-step Worm Attack Model |
| title_short | New Multi-step Worm Attack Model |
| title_sort | new multi-step worm attack model |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/63/1/1001.3477.pdf http://eprints.utem.edu.my/id/eprint/63/ |
| url_provider | http://eprints.utem.edu.my/ |