Concept, Characteristics and Defending Mechanism of Worms

Tang, Yong; Luo, Jun; Xiao, Bin; Wei, Guiyi

doi:10.1587/transinf.e92.d.799

Cited by 10 publications

(10 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This link will direct the victim to a fake website, which the attacker has designed to obtain private and confidential information [27]. Phishing via email can be further categorized as spear-phishing, whaling, and clone-phishing [2,3,12,19,25,28,29].…”

Section: 11) Phishingmentioning

confidence: 99%

An Advanced Taxonomy for Social Engineering Attacks

Aldawood¹,

Skinner²

2020

IJCA

View full text Add to dashboard Cite

Rapid technological advancement has not only resulted in a change in the pace of economic development, but also led to increase in cyber-threats. A social engineering attack is one such threat where an attacker not only accesses critical information about a user through technology, but also through manipulation. Although the types of attacks are different i.e. social, physical, technical or socio-technical, the process is the same. This study creates an advanced taxonomy of social engineering attacks with the aim of facilitating the development and implementation of better prevention measures, stressing the importance of organizational awareness.

show abstract

Section: 11) Phishingmentioning

confidence: 99%

An Advanced Taxonomy for Social Engineering Attacks

Aldawood¹,

Skinner²

2020

IJCA

View full text Add to dashboard Cite

show abstract

“…They compromise systems, steal sensitive information, congest network and launch many kinds of attacks. A worm's life consists of following phases [8,12]: (i) target finding, worm uses scanning technologies to search vulnerable hosts that can be compromised easily, (ii) transferring, worm sends its duplication to victims after the victims are discovered, (iii) activation, malicious activities of worms can be triggered based on a specific data or under a certain condition, (iv) infection, once worm has successfully infected the host, the infected host will exhibit malicious behaviors. During the first two phases, the worm is active over the Internet and causes some network anomalies, making it possible to be detected by exploiting its special behaviors.…”

Section: Security Data Analytics For Worm Attack Detectionmentioning

confidence: 99%

“…Although we can find a number of existing surveys about DDoS and worm attacks in the literature [5][6][7][8][9][10][11][12][13][14], our survey has different focuses, provides deep review on the relationship between data categories and attack types and conducts literature evaluation based on additional requirements of data analytics. A tabulated comparison of our survey with other existing surveys of DDoS and worm attacks is presented in Table I.…”

Section: Introductionmentioning

confidence: 99%

Security Data Collection and Data Analytics in the Internet: A Survey

Jing

Yan

Pedrycz

2019

IEEE Commun. Surv. Tutorials

100

View full text Add to dashboard Cite

“…Internet worm propagation models describe the worm characteristics: (1) how much network traffic is generated by a worm and (2) how fast the response time should be to counteract it. Numerous models have been proposed for modeling different problems in computer networks.…”

Section: Introductionmentioning

confidence: 99%

“…Deterministic models are suitable for large-scale networks with high rate dynamics while probabilistic models are appropriate for small-scale networks with low rate dynamics. Deterministic models, such as SI and SIR, are used for modeling Internet worms because they occur in large-scale networks with thousands of hosts [1], [2]. SI [3] is a worm propagation model in which hosts stay in one of two states at any time: susceptible (denoted by 'S') or infectious (denoted by 'I').…”

Section: Introductionmentioning

confidence: 99%

On the trade-off between stealth and propagation speed of Internet worms

Azarian

Abadi

2013

2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)

View full text Add to dashboard Cite

Internet worms pose major security threats for networks and users. This is due to their ability of self-spreading and self-replicating. In this paper, we introduce a new type of Internet worms, called Non-Overlapping Camouflaging worm (NOC-worm). It is an intelligent worm that makes a trade-off between stealth and propagation speed on the Internet. NOCworm is different from traditional worms, because it controls its overall scan rate and avoids redundant scanning of the same hosts. Various scanning methods have different impacts on worm propagation models. An accurate propagation model helps us to comprehensively study how a worm spreads under various conditions which are computationally too heavy for simulation. Standard worm propagation models, such as SI and SIR, consider random scanning. Therefore, they cannot accurately model the inherent characteristics of NOC-worm appropriately. Hence, we extend SIR to model the NOC-worm's propagation behavior and analyze its characteristics. Our results show that NOC-worm can achieve a better trade-off between stealth and propagation speed on the Internet in comparison to other stealthy worms.

show abstract

Concept, Characteristics and Defending Mechanism of Worms

Cited by 10 publications

References 43 publications

An Advanced Taxonomy for Social Engineering Attacks

An Advanced Taxonomy for Social Engineering Attacks

Security Data Collection and Data Analytics in the Internet: A Survey

On the trade-off between stealth and propagation speed of Internet worms

Contact Info

Product

Resources

About