| Publisher | Association for Computing Machinery | ||
|---|---|---|---|
| Format | 283.0KB PDF | Date added | 26 Oct 2005 |
| Topics | Anti-Virus, Network Security, Security Management | ||
| Downloads | 8 | ||
Worm containment must be automatic because worms can spread too fast for humans to respond. Recent work has proposed network-level techniques to automate worm containment; these techniques have limitations because there is no information about the vulnerabilities exploited by worms at the network level. This paper proposes Vigilante, a new end-to-end approach to contain worms automatically that addresses these limitations. Vigilante relies on collaborative worm detection at end hosts, but does not require hosts to trust each other. Hosts run instrumented software to detect worms and broadcast Self-Certifying Alerts (SCAs) upon worm detection. SCAs are proofs of vulnerability that can be inexpensively verified by any vulnerable host.
Did you find this white paper useful?
26 out of 50 users found this white paper useful
Related white papers
Maintaining Productivity Through Network Virus Attacks: A Proactive Strategy
This webcast explains a proactive strategy of maintaining productivity through network virus attacks.
Combating W32.Netsky.D
W32.Netsky.D is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning hard drives and mapped drives. View this webcast...
The MyDoom Worm
An e-mail worm continued to clog Internet traffic this week, spreading faster than previous Web bugs by appearing as an innocuous error message. The worm - dubbed "MyDoom," "Novarg" or...
Securing SMBs Against Spam and Virus Threats
This white paper from St. Bernard Software explains why spam and viruses are particularly tough to eliminate in small- and medium-sized businesses (SMBs) that can't dedicate IT staff to combating...
Top five strategies for combating modern threats: Is anti-virus dead?
Today's fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce. Organizations need innovative approaches to protect the web, email servers...
Deep Freez Enterprise - Computer Associates eTrust Antivirus
The process of updating virus definitions on workstations protected by Deep Freeze Enterprise involves three fundamental steps which are Rebooting the workstations into a Thawed state so the updates are...
Trojan Defence: A Forensic View
The Trojan defence; “I didn’t do it, someone else did”– myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward...
