{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:43:28Z","timestamp":1750308208456,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2004,10,29]],"date-time":"2004-10-29T00:00:00Z","timestamp":1099008000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2004,10,29]]},"DOI":"10.1145\/1029618.1029631","type":"proceedings-article","created":{"date-parts":[[2005,1,30]],"date-time":"2005-01-30T17:55:16Z","timestamp":1107107716000},"page":"83-93","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":60,"title":["WORM vs. WORM"],"prefix":"10.1145","author":[{"given":"Frank","family":"Castaneda","sequence":"first","affiliation":[{"name":"North Carolina State University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Emre Can","family":"Sezer","sequence":"additional","affiliation":[{"name":"North Carolina State University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Xu","sequence":"additional","affiliation":[{"name":"North Carolina State University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2004,10,29]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"110","volume-title":"Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop","author":"Carver C.","year":"2000","unstructured":"C. Carver , J. Hill , J. Surdu , and U. Pooch . A methodology for using intelligent agents to provide automated intrusion response . In Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop , West Point, NY , June 6-7, 2000 , pages 110 -- 116 , 2000. C. Carver, J. Hill, J. Surdu, and U. Pooch. A methodology for using intelligent agents to provide automated intrusion response. In Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop, West Point, NY, June 6-7, 2000, pages 110--116, 2000."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2003.1209211"},{"key":"e_1_3_2_1_3_1","unstructured":"eEye Digital Security. Sapphire worm code disassembled. http:\/\/www.eeye.com\/html\/Research\/Flash\/sapphire.txt January 2003.  eEye Digital Security. Sapphire worm code disassembled. http:\/\/www.eeye.com\/html\/Research\/Flash\/sapphire.txt January 2003."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1989.36307"},{"key":"e_1_3_2_1_5_1","volume-title":"August","author":"Evers J.","year":"2003","unstructured":"J. Evers . Microsoft ponders automatic patching. InfoWorld (www.infoworld.com) , August 2003 . J. Evers. Microsoft ponders automatic patching. InfoWorld (www.infoworld.com), August 2003."},{"key":"e_1_3_2_1_6_1","volume-title":"CMP Network Magazine","author":"Farrow R.","year":"2004","unstructured":"R. Farrow . Reverse-engineering new exploits . CMP Network Magazine , 2004 . R. Farrow. Reverse-engineering new exploits. CMP Network Magazine, 2004."},{"key":"e_1_3_2_1_7_1","volume-title":"Next generation intrusion detection systems (IDS)","author":"Gong F.","year":"2002","unstructured":"F. Gong . Next generation intrusion detection systems (IDS) . McAfee Network Security Technologies Group , 2002 . F. Gong. Next generation intrusion detection systems (IDS). McAfee Network Security Technologies Group, 2002."},{"key":"e_1_3_2_1_8_1","unstructured":"H. HexXer. Codegreen beta release (idq-patcher\/antiCodeRed\/etc.). http:\/\/www.securityfocus.com\/archive\/82\/211428 September 2001.  H. HexXer. Codegreen beta release (idq-patcher\/antiCodeRed\/etc.). http:\/\/www.securityfocus.com\/archive\/82\/211428 September 2001."},{"key":"e_1_3_2_1_9_1","unstructured":"G. Hoglund. Buffer overflow construction kit. http:\/\/www.rootkit.com\/projects\/winblock March 2000.  G. Hoglund. Buffer overflow construction kit. http:\/\/www.rootkit.com\/projects\/winblock March 2000."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/6.275061"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1991.130801"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/882489.884191"},{"key":"e_1_3_2_1_13_1","unstructured":"M. Kern. Re: Codegreen beta release (idq-patcher\/antiCodeRed\/etc.). http:\/\/www.securityfocus.com\/archive\/82\/211462 September 2001.  M. Kern. Re: Codegreen beta release (idq-patcher\/antiCodeRed\/etc.). http:\/\/www.securityfocus.com\/archive\/82\/211462 September 2001."},{"key":"e_1_3_2_1_14_1","volume-title":"2nd Workshop on Hot Topics in Networks (HotNets-II)","author":"Kreibich C.","year":"2003","unstructured":"C. Kreibich and J. Crowcroft . Honeycomb - creating intrusion detection signatures using honeypots . 2nd Workshop on Hot Topics in Networks (HotNets-II) , 2003 . C. Kreibich and J. Crowcroft. Honeycomb - creating intrusion detection signatures using honeypots. 2nd Workshop on Hot Topics in Networks (HotNets-II), 2003."},{"key":"e_1_3_2_1_15_1","unstructured":"J. Leyden. Blaster variant offers 'fix' for pox-ridden pcs. http:\/\/www.theregister.com\/2003\/08\/19\/blaster variant offers fix\/ August 2003.  J. Leyden. Blaster variant offers 'fix' for pox-ridden pcs. http:\/\/www.theregister.com\/2003\/08\/19\/blaster variant offers fix\/ August 2003."},{"key":"e_1_3_2_1_16_1","volume-title":"http:\/\/www.lsd-pl.net\/files\/get?WINDOWS\/win32 dcom","author":"LSD.","year":"2003","unstructured":"LSD. Dcom exploit. http:\/\/www.lsd-pl.net\/files\/get?WINDOWS\/win32 dcom , 2003 . LSD. Dcom exploit. http:\/\/www.lsd-pl.net\/files\/get?WINDOWS\/win32 dcom, 2003."},{"key":"e_1_3_2_1_17_1","unstructured":"D. Moore. The spread of the code red worm. http:\/\/www.caida.org\/analysis\/security\/code-red\/code-redv2_analysis.xml.  D. Moore. The spread of the code red worm. http:\/\/www.caida.org\/analysis\/security\/code-red\/code-redv2_analysis.xml."},{"key":"e_1_3_2_1_18_1","unstructured":"D. Moore V. Paxson S. Savage C. Shannon S. Staniford and N. Weaver. The spread of the sapphire\/slammer worm. http:\/\/ www.cs.berkeley.edu\/~nweaver\/sapphire\/ 2003.  D. Moore V. Paxson S. Savage C. Shannon S. Staniford and N. Weaver. The spread of the sapphire\/slammer worm. http:\/\/ www.cs.berkeley.edu\/~nweaver\/sapphire\/ 2003."},{"key":"e_1_3_2_1_19_1","unstructured":"D. Moore C. Shannon G. M. Voelker and S. Savage. Internet quarantine: Requirements for containing self-propagating code.  D. Moore C. Shannon G. M. Voelker and S. Savage. Internet quarantine: Requirements for containing self-propagating code."},{"key":"e_1_3_2_1_20_1","unstructured":"T. Mullen. Defending your right to defend: Considerations of an automated strike-back technology. http:\/\/ www.hammerofgod.com\/ strikeback.txt October 2002.  T. Mullen. Defending your right to defend: Considerations of an automated strike-back technology. http:\/\/ www.hammerofgod.com\/ strikeback.txt October 2002."},{"key":"e_1_3_2_1_21_1","volume-title":"October","author":"Mullen T. M.","year":"2002","unstructured":"T. M. Mullen . Defending your right to defend : Considerations of an automated strike-back technology ., October 2002 . T. M. Mullen. Defending your right to defend: Considerations of an automated strike-back technology., October 2002."},{"key":"e_1_3_2_1_22_1","unstructured":"R. Permeh and M. Maiffret. Codered analysis. http:\/\/ www.digitaloffense.net\/worms\/CodeRed\/code-red-original-eeye\/ July 2001.  R. Permeh and M. Maiffret. Codered analysis. http:\/\/ www.digitaloffense.net\/worms\/CodeRed\/code-red-original-eeye\/ July 2001."},{"key":"e_1_3_2_1_23_1","unstructured":"T. M. Project. Opcode db. http:\/\/www.metasploit.com\/opcode search.html 2003.  T. M. Project. Opcode db. http:\/\/www.metasploit.com\/opcode search.html 2003."},{"key":"e_1_3_2_1_25_1","volume-title":"July","author":"Rapoza J.","year":"2001","unstructured":"J. Rapoza . Cheese: If it's good (worm), let it be! ZDNet India , July 2001 . J. Rapoza. Cheese: If it's good (worm), let it be! ZDNet India, July 2001."},{"key":"e_1_3_2_1_26_1","volume-title":"11th IEEE\/ACM Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems MASCOTS","author":"Serazzi G.","year":"2003","unstructured":"G. Serazzi and S. Zanero . Computer virus propagation models . In 11th IEEE\/ACM Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems MASCOTS , 2003 . G. Serazzi and S. Zanero. Computer virus propagation models. In 11th IEEE\/ACM Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems MASCOTS, 2003."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/358453.358455"},{"volume-title":"To Appear in the Proceedings of the 11th USENIX Security Symposium (Security '02)","author":"Staniford S.","key":"e_1_3_2_1_28_1","unstructured":"S. Staniford , V. Paxson , and N. Weaver . How to 0wn the internet in your spare time, 2002 . To Appear in the Proceedings of the 11th USENIX Security Symposium (Security '02) . S. Staniford, V. Paxson, and N. Weaver. How to 0wn the internet in your spare time, 2002. To Appear in the Proceedings of the 11th USENIX Security Symposium (Security '02)."},{"key":"e_1_3_2_1_29_1","unstructured":"Symantec Corp. MSBlaseter Symantec Security Response. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/ w32.witty.worm.html 2004.  Symantec Corp. MSBlaseter Symantec Security Response. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/ w32.witty.worm.html 2004."},{"key":"e_1_3_2_1_30_1","unstructured":"Symantec Corp. MSBlaseter Symantec Security Response. http:\/\/ securityresponse.symantec.com\/avcenter\/venc\/data\/ w32.blaster.worm.html 2004.  Symantec Corp. MSBlaseter Symantec Security Response. http:\/\/ securityresponse.symantec.com\/avcenter\/venc\/data\/ w32.blaster.worm.html 2004."},{"key":"e_1_3_2_1_31_1","unstructured":"Symantec Corp. Symantec Security Response. http:\/\/securityresponse.symantec.com\/ 2004.  Symantec Corp. Symantec Security Response. http:\/\/securityresponse.symantec.com\/ 2004."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"T. Vogt. Simulating and optimising worm propagation algorithms. http:\/\/web.lemuria.org\/security\/WormPropagation.pdf February 2004.  T. Vogt. Simulating and optimising worm propagation algorithms. http:\/\/web.lemuria.org\/security\/WormPropagation.pdf February 2004.","DOI":"10.1016\/S1353-4858(04)00049-2"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948194"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586130"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948197"}],"event":{"name":"CCS04: 11th ACM Conference on Computer and Communications Security 2004","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"],"location":"Washington DC USA","acronym":"CCS04"},"container-title":["Proceedings of the 2004 ACM workshop on Rapid malcode"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1029618.1029631","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1029618.1029631","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:31:00Z","timestamp":1750264260000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1029618.1029631"}},"subtitle":["preliminary study of an active counter-attack mechanism"],"short-title":[],"issued":{"date-parts":[[2004,10,29]]},"references-count":34,"alternative-id":["10.1145\/1029618.1029631","10.1145\/1029618"],"URL":"https:\/\/doi.org\/10.1145\/1029618.1029631","relation":{},"subject":[],"published":{"date-parts":[[2004,10,29]]},"assertion":[{"value":"2004-10-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}