What are network worms?
How do network worms work?
What is the history behind worms?
What is the history of the Morris Internet Worm?
How does Morris Worm Transmission work?
How did Morris Worm Infection work?
How did the Morris Worm Stealth/DoS work?
What is the history behind the modern worm era?
What are the technical enablers for worms?
How do we think about worm outbreaks?
What are the two things to think about when dealing with worm outbreaks and the SI model?
What can be done against worm outbreaks?
What is software quality prevention?
- against network worms
What are wrappers?
- network worm prevention technique
What is Software Heterogeneity?
- network worm prevention technique
What is the software updating prevention technique?
- network worm prevention
What is the known exploit blocking prevention technique?
- network worm prevention
What is hygiene enforcement?
- network worm prevention technique
What is network worm treatment? What are the two issues with it?
What are white worms?
What is network worm containment? What are the two types of containment?
What are the requirements for quarantining network worms? How can we define reactive defenses?
What makes worm containment difficult?
What is Slammer (2003)?
- network worm
Was Slammer really fast?
Network worm outbreak detection/monitoring. What are the two classes of monitors?
What are network telescopes?
Why do telescopes work?
What is Code Red’s growth vs. its patch rate?
What is the global animation of an outbreak?
What are the problems with telescopes?
What are the overall limitations of telescope, honey net, etc. monitoring?
How do you detect worms on your network?
What is scan detection?
What is signature inference?
What is the approach for signature inference?
What is content sifting?
What does the content sifting algorithm look like in a diagram?
What are the challenges to content sifting?
What is Earlybird?
What are the results of Earlybird?
What is UCSD’s relationship with content sifting technologies?
What are the limitations to content sifting?
What are distributed detection issues? What do we do about it?
So you’ve taken over 100,000 machines, now what?
What is a botnet?
What is the history of botnets?
What is the first major motivation of botnets?
How do botnets get created?
What is the architecture of a botnet?
What is the Storm peer-to-peer botnet?
- type of botnet architecture
What is the Agobot?
What are some of the Agobot Commands?
How do bots build on one another?
How do you detect botnets?
How do you disrupt bots?
What is command and control disruption?
What gets in the way of cleaning bots?