| Table of Contents | [top] |
|---|
|
|
|
| List of PCAP Archives | [top] |
|---|
|
|
- http://www.first.org/resources/papers/conf2005.html#p107
- http://www.first.org/conference/2005/papers/masato-terada-paper-1.pdf
- http://www.first.org/conference/2005/papers/masato-terada-slides-1.pdf
- Proposal for the experimental environment for Network Worm infection
- 17th Annual FIRST Conference (June 26 - July 1, 2005)
-
-
Code analysis and simulation of network worm infection are useful methods to evaluate how it spreads and its effects. But a bug in infection algorithm or the way of implementing a random number generator etc. affects the retrieval behavior of network worm infection. It is important to evaluate the retrieval behavior of network worm infection in an experimental environment for complementing code analysis. This paper describes a prototype of experimental environment for network worm infection and actual data about network worm infection. The purpose of experimental environment is to investigate retrieval behavior and infection mechanisms in network worm behavior. For example, there are a mapping of retrieved IP addresses and a ratio of IP addresses retrieved and port numbers used by network worms. Also we implemented a prototype system to show the validity of our approach.
|
|
|
| Revisions | [top] |
|---|
- Published.: 2007-08-13T13:25+00:00
|
|
|
|
