There are the two common means for propagating worms: scanning vulnerable computers in
the network and spreading through topological neighbors. Modeling the propagation of …

Static configurations serve great advantage for adversaries in discovering network targets
and launching attacks. Identifying active IP addresses in a target domain is a precursory step …

A method and system of detecting a malicious and/or botnet-related domain name,
comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a …

In this paper, we develop a rigorous, unified framework based on ordinary differential
equations (ODEs) to study epidemic routing and its variations. These ODEs can be derived …

A system and method for detecting a first network of compromised computers in a second
network of computers, comprising: collecting Domain Name System (DNS) data for the …

Time zones play an important and unexplored role in malware epidemics. To understand
how time and location affect malware spread dynamics, we studied botnets, or large …

Network reconnaissance of addresses and ports is prerequisite to a vast majority of cyber
attacks. Meanwhile, the static address configuration of networks and hosts simplifies …

Exploiting static configuration of networks and hosts has always been a great advantage for
design and launching of decisive attacks. Network reconnaissance of IP addresses and …

After many Internet-scale worm incidents in recent years, it is clear that a simple self-
propagating worm can quickly spread across the Internet and cause severe damage to our …

As many people rely on e-mail communications for business and everyday life, Internet e-
mail worms constitute one of the major security threats for our society. Unlike scanning …