
Book contents
- Frontmatter
- Contents
- Acknowledgments
- 1 Introduction
- 2 Background and context
- I Network monitoring and management
- II Network design and traffic engineering
- III From bits to services
- 12 From bits to services: information is power
- 13 Traffic classification in the dark
- 14 Classification of multimedia hybrid flows in real time
- 15 Detection of data plane malware: DoS and computer worms
- 16 Detection of control-plane anomalies: beyond prefix hijacking
- Appendix A How to link original and measured flow characteristics when packet sampling is used: bytes, packets and flows
- Appendix B Application-specific payload bit strings
- Appendix C BLINC implementation details
- Appendix D Validation of direction-conforming rule
- References
- Index
15 - Detection of data plane malware: DoS and computer worms
from III - From bits to services
Published online by Cambridge University Press: 05 September 2012
Summary
Open, any-to-any connectivity is clearly one of the fundamentally great properties of the Internet. Unfortunately, the openness of the Internet also enables an expanding and ever-evolving array of malicious activity. During the early 1990s, when malicious attacks first emerged on the Internet, only a few systems at a time were typically compromised, and those systems were rarely used to continue or broaden the attack activity. At first, the attackers were seemingly motivated simply by the sport of it all. But then, as would seem to be the natural order of things, the miscreants were seized by the profit motive. Today, network infrastructure and end systems are constantly attacked with an increased level of sophistication and virulence.
In this chapter, we discuss and confront two of the most dangerous threats known to the Internet community: Denial of Service (DoS) and computer worms. In the following we refer to them simply as DoS and Computer Worms. These two families of threats have different goals, forms and effects from most of the attacks that are launched at networks and computers. Most attackers involved in cyber-crime seek to break into a system, extract its secrets, or fool it into providing a service without the appropriate authorization. Attackers commonly try to steal credit card numbers or proprietary information, gain control of machines to install their software or store their data, deface Web pages, or alter important content on victim machines.
- Type: Chapter
- Information: Design, Measurement and Management of Large-Scale IP Networks: Bridging the Gap Between Theory and Practice, pp. 310–340
- Publisher: Cambridge University Press
- Print publication year: 2008