Recent years have seen repeated releases of Internet-scale "worms" - programs that self-propagate across the network by exploiting security vulnerabilities in open Internet servers. The speed and size of the infections pose great challenges for defending against them. We will look at measured behavior of worms, likely evolution of "better" worms as attackers incorporate additional techniques, and possibilities for defenses.
About the speaker:
Vern Paxson is a senior scientist at the International Computer Science Institute (ICSI) in Berkeley, California, as well as a staff scientist with the Lawrence Berkeley National Laboratory. His main active research projects are network intrusion detection in the context of Bro, a high-performance network intrusion detection system he developed; large-scale network measurement and analysis; and Internet-scale attacks, particularly rapidly-propagating network "worms". His other professional activities include: chair of the Internet Research Task Force (IRTF); vice-chair of ACM SIGCOMM; Associate Editor for IEEE/ACM Transactions on Networking; program chair of the 2004 ACM CCS Workshop on Rapid Malcode (WORM); co-founder and steering committee member of the Internet Measurement Conference; co-chair of Invited Talks for the 2004 USENIX Security Symposium; and organizer of the 2003 DIMACS Workshop on Large-Scale Internet Attacks.