{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T10:54:20Z","timestamp":1725620060654},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2006,12,3]]},"DOI":"10.1145\/1185347.1185371","type":"proceedings-article","created":{"date-parts":[[2007,1,17]],"date-time":"2007-01-17T01:15:56Z","timestamp":1168996556000},"page":"173-182","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["WormTerminator"],"prefix":"10.1145","author":[{"given":"Songqing","family":"Chen","sequence":"first","affiliation":[{"name":"George Mason University, Fairfax, VA"}]},{"given":"Xinyuan","family":"Wang","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA"}]},{"given":"Lei","family":"Liu","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA"}]},{"given":"Xinwen","family":"Zhang","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA"}]}],"member":"320","published-online":{"date-parts":[[2006,12,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"http:\/\/www.symantec.com\/avcenter\/venc\/data\/linux.slapper.worm.html.  http:\/\/www.symantec.com\/avcenter\/venc\/data\/linux.slapper.worm.html."},{"key":"e_1_3_2_1_2_1","unstructured":"http:\/\/www.symantec.com\/index.htm.  http:\/\/www.symantec.com\/index.htm."},{"key":"e_1_3_2_1_3_1","unstructured":"An analysis of the slapper worm exploit. http:\/\/www.symantec.com\/avcenter\/reference\/analysis.slapper.worm.pdf.  An analysis of the slapper worm exploit. http:\/\/www.symantec.com\/avcenter\/reference\/analysis.slapper.worm.pdf."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.41"},{"key":"e_1_3_2_1_5_1","first-page":"95","volume-title":"Proceeding s of the IEEE Symposium on High Assurance System Engineering (HASE)","author":"Buchacker K.","year":"2001","unstructured":"K. Buchacker and V. Sieh . Framework for testing the fault-tolerance of systems including os and network aspects . In Proceeding s of the IEEE Symposium on High Assurance System Engineering (HASE) , pages 95 -- 105 , October 2001 . K. Buchacker and V. Sieh. Framework for testing the fault-tolerance of systems including os and network aspects. In Proceeding s of the IEEE Symposium on High Assurance System Engineering (HASE), pages 95--105, October 2001."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/874075.876409"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095824"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_3"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the Linux Showcase and Conference","author":"Dike J.","year":"2000","unstructured":"J. Dike . A user-mode port of the linux kernel . In Proceedings of the Linux Showcase and Conference , October 2000 . J. Dike. A user-mode port of the linux kernel. In Proceedings of the Linux Showcase and Conference, October 2000."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/1060289.1060309"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of USENIX security Symposium","author":"Handley M.","year":"2001","unstructured":"M. Handley , V. Paxson , and C. Kreibich . Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics . In Proceedings of USENIX security Symposium , August 2001 . M. Handley, V. Paxson, and C. Kreibich. Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. In Proceedings of USENIX security Symposium, August 2001."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095820"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2004.1289290"},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of USENIX Security","author":"Kim H.","year":"2004","unstructured":"H. Kim and B. Karp . Autograph: Toward automated distributed worm signature detection . In Proceedings of USENIX Security , San Diego, CA , August 2004 . H. Kim and B. Karp. Autograph: Toward automated distributed worm signature detection. In Proceedings of USENIX Security, San Diego, CA, August 2004."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.38"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/1247340.1247346"},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of HotNets","author":"Kreibich C.","year":"2003","unstructured":"C. Kreibich and J. Crowcroft . Honeycomb - creating intrusion detection signatures using honeypots . In Proceedings of HotNets , Boston, MA , November 2003 . C. Kreibich and J. Crowcroft. Honeycomb - creating intrusion detection signatures using honeypots. In Proceedings of HotNets, Boston, MA, November 2003."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.18"},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of IEEE INFOCOM","author":"Malan G.","year":"2001","unstructured":"G. Malan , D. Watson , and F. Jahanian . Transport and application protocol scrubbing . In Proceedings of IEEE INFOCOM , 2001 . G. Malan, D. Watson, and F. Jahanian. Transport and application protocol scrubbing. In Proceedings of IEEE INFOCOM, 2001."},{"key":"e_1_3_2_1_20_1","unstructured":"D. Moore V. Paxson S. Savage C. Shannon S. Staniford and N. Weaver. The spread of the sapphire\/slammer worm. http:\/\/www.caida.org\/publications\/papers\/2003\/sapphire\/sapphire.html.  D. Moore V. Paxson S. Savage C. Shannon S. Staniford and N. Weaver. The spread of the sapphire\/slammer worm. http:\/\/www.caida.org\/publications\/papers\/2003\/sapphire\/sapphire.html."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/637201.637244"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2005.35"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.26"},{"key":"e_1_3_2_1_27_1","volume-title":"A virtual honeypot framework. Technical report","author":"Provos N.","year":"2003","unstructured":"N. Provos . A virtual honeypot framework. Technical report , University of Michigan , October 2003 . N. Provos. A virtual honeypot framework. Technical report, University of Michigan, October 2003."},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of Conference on System Administration","author":"Roesch M.","year":"1999","unstructured":"M. Roesch . Snort : Lightweight intrusion detection for networks . In Proceedings of Conference on System Administration , November 1999 . M. Roesch. Snort: Lightweight intrusion detection for networks. In Proceedings of Conference on System Administration, November 1999."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/829515.830553"},{"key":"e_1_3_2_1_30_1","volume-title":"The earlybird system for real-time detection of unknown worms. Technical report","author":"Singh S.","year":"2003","unstructured":"S. Singh , C. Estan , G. Varghese , and S. Savage . The earlybird system for real-time detection of unknown worms. Technical report , University of California , San Diego , August 2003 . S. Singh, C. Estan, G. Varghese, and S. Savage. The earlybird system for real-time detection of unknown worms. Technical report, University of California, San Diego, August 2003."},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of OSDI","author":"Singh S.","year":"2004","unstructured":"S. Singh , C. Estan , G. Varghese , and S. Savage . Automated worm fingerprinting . In Proceedings of OSDI , San Francisco, CA , December 2004 . S. Singh, C. Estan, G. Varghese, and S. Savage. Automated worm fingerprinting. In Proceedings of OSDI, San Francisco, CA, December 2004."},{"key":"e_1_3_2_1_32_1","volume-title":"Journal of Computer Security","author":"Staniford S.","year":"2004","unstructured":"S. Staniford . Containment of scanning worms in enterprise networks . In Journal of Computer Security , 2004 . S. Staniford. Containment of scanning worms in enterprise networks. In Journal of Computer Security, 2004."},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of USENIX Security","author":"Staniford S.","year":"2002","unstructured":"S. Staniford , V. Paxson , and N. Weaver . How to 0wn the internet in your spare time . In Proceedings of USENIX Security , San Francisco, CA , August 2002 . S. Staniford, V. Paxson, and N. Weaver. How to 0wn the internet in your spare time. In Proceedings of USENIX Security, San Francisco, CA, August 2002."},{"key":"e_1_3_2_1_34_1","unstructured":"t. Ptacek and T. Newsham. Insertion evasion and denial of service: Eluding network intrusion detection. http:\/\/www.insecure.org\/stf\/secnet-ids\/secnet-ids.html January 1998.  t. Ptacek and T. Newsham. Insertion evasion and denial of service: Eluding network intrusion detection. http:\/\/www.insecure.org\/stf\/secnet-ids\/secnet-ids.html January 1998."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015467.1015489"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of USENIX Security","author":"Weaver N.","year":"2004","unstructured":"N. Weaver , B. Staniford , and V. Paxson . Very fast containment of scanning worms . In Proceedings of USENIX Security , San Diego, CA , August 2004 . N. Weaver, B. Staniford, and V. Paxson. Very fast containment of scanning worms. In Proceedings of USENIX Security, San Diego, CA, August 2004."},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of Annual Computer Security Applications Conference","author":"Williamnson M.","year":"2002","unstructured":"M. Williamnson . Throttling viruses : Restricting propagation to defeat mobile malicious code . In Proceedings of Annual Computer Security Applications Conference , Las Vegas, NV , December 2002 . M. Williamnson. Throttling viruses: Restricting propagation to defeat mobile malicious code. In Proceedings of Annual Computer Security Applications Conference, Las Vegas, NV, December 2002."}],"event":{"name":"ANCS06: Symposium on Architecture for Networking and Communications Systems","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","ACM Association for Computing Machinery","SIGARCH ACM Special Interest Group on Computer Architecture"],"location":"San Jose California USA","acronym":"ANCS06"},"container-title":["Proceedings of the 2006 ACM\/IEEE symposium on Architecture for networking and communications systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1185347.1185371","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,7]],"date-time":"2023-01-07T14:16:25Z","timestamp":1673100985000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1185347.1185371"}},"subtitle":["an effective containment of unknown and polymorphic fast spreading worms"],"short-title":[],"issued":{"date-parts":[[2006,12,3]]},"references-count":37,"alternative-id":["10.1145\/1185347.1185371","10.1145\/1185347"],"URL":"https:\/\/doi.org\/10.1145\/1185347.1185371","relation":{},"subject":[],"published":{"date-parts":[[2006,12,3]]},"assertion":[{"value":"2006-12-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}