An Improved Traditional Worm Attack Pattern
The significant threats of traditional worms such as Blaster, Sasser, Code Red and Slammer are still continuing due to their hasty spreading nature on the internet. The worms attack pattern from three different scenarios have been extracted from various logs at different OSI layers such as victim lo...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
IEEE Computer Society
2010
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/73/1/ITSO6_T7_2-IEEE_published.pdf http://eprints.utem.edu.my/id/eprint/73/ http://ieeexplore.ieee.org/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832715929259081728 |
|---|---|
| author | Yusof, R. Selamat, S. R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Ramly, M. |
| author_facet | Yusof, R. Selamat, S. R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Ramly, M. |
| author_sort | Yusof, R. |
| building | UTEM Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknikal Malaysia Melaka |
| content_source | UTEM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | The significant threats of traditional worms such as Blaster, Sasser, Code Red and Slammer are still continuing due to their hasty spreading nature on the internet. The worms attack pattern from three different scenarios have been extracted from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack pattern are further analyzed to form the general worms’attack pattern which describes the process of worms’ infection. This paper proposes a general attack pattern for worm in three different perspectives which is attacker, victim and victim/attacker or multi-step attack using only Blaster variant. Thus, the general attack pattern can be extended into research areas in alert correlation and computer forensic investigation. |
| format | Article |
| id | my.utem.eprints-73 |
| institution | Universiti Teknikal Malaysia Melaka |
| language | en |
| publishDate | 2010 |
| publisher | IEEE Computer Society |
| record_format | eprints |
| spelling | my.utem.eprints-732021-09-19T17:32:41Z http://eprints.utem.edu.my/id/eprint/73/ An Improved Traditional Worm Attack Pattern Yusof, R. Selamat, S. R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Ramly, M. Q Science (General) The significant threats of traditional worms such as Blaster, Sasser, Code Red and Slammer are still continuing due to their hasty spreading nature on the internet. The worms attack pattern from three different scenarios have been extracted from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack pattern are further analyzed to form the general worms’attack pattern which describes the process of worms’ infection. This paper proposes a general attack pattern for worm in three different perspectives which is attacker, victim and victim/attacker or multi-step attack using only Blaster variant. Thus, the general attack pattern can be extended into research areas in alert correlation and computer forensic investigation. IEEE Computer Society 2010-06 Article NonPeerReviewed text en http://eprints.utem.edu.my/id/eprint/73/1/ITSO6_T7_2-IEEE_published.pdf Yusof, R. and Selamat, S. R. and Sahib, S. and Mas'ud, Z. and Abdollah, M. F. and Ramly, M. (2010) An Improved Traditional Worm Attack Pattern. International Symposium on Information Technology 2010. pp. 1067-1072. ISSN 978-1-4244-6716-7 http://ieeexplore.ieee.org/ |
| spellingShingle | Q Science (General) Yusof, R. Selamat, S. R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Ramly, M. An Improved Traditional Worm Attack Pattern |
| title | An Improved Traditional Worm Attack Pattern |
| title_full | An Improved Traditional Worm Attack Pattern |
| title_fullStr | An Improved Traditional Worm Attack Pattern |
| title_full_unstemmed | An Improved Traditional Worm Attack Pattern |
| title_short | An Improved Traditional Worm Attack Pattern |
| title_sort | improved traditional worm attack pattern |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/73/1/ITSO6_T7_2-IEEE_published.pdf http://eprints.utem.edu.my/id/eprint/73/ http://ieeexplore.ieee.org/ |
| url_provider | http://eprints.utem.edu.my/ |