Article. DOI: 10.1145/948187.948189

Recent worms: a survey and trends

Published: 27 October 2003

Abstract

In this paper, we present a broad overview of recent worm activity. Virus information repositories, such as the Network Associates' Virus Information Library, contain over 4500 different entries (through the first quarter of 2003). While many of these entries are interesting, a great number of them are now simply historical and a large percentage of them are completely derivative in nature. However, these virus information repositories are the best source of material on the breadth of malicious code, including worms.

This paper is meant to provide worm researchers with a high-level roadmap to the vast body of virus and worm information. After sifting through hundreds of entries, we present only those that we considered breakthrough or novel, primarily from a technical perspective. As a result, we found ourselves omitting some of the most notorious worms simply because they lacked any original aspects. It is our hope that others in the community who need to get up to speed in the worm literature can benefit from this survey. While this study does not contain any original research, it provides an overview of worms using a truly breadth-first approach, which has been lacking in the existing worm literature.

From this raw data, we have also extracted a number of broad quantitative and qualitative trends that we have found to be interesting. We believe that a workshop discussion of these, and other thoughts, will be engaging and informative.


Published In

WORM '03: Proceedings of the 2003 ACM workshop on Rapid malcode
October 2003
92 pages
ISBN: 1581137850
DOI: 10.1145/948187
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. malicious code
  2. survey

Qualifiers

  • Article

Conference

CCS03