There are the two common means for propagating worms: scanning vulnerable computers in
the network and spreading through topological neighbors. Modeling the propagation of …

Self-duplicating, self-propagating malicious codes known as computer worms spread
themselves without any human interaction and launch the most destructive attacks against …

A method and system of detecting a malicious and/or botnet-related domain name,
comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a …

A system and method for detecting a first network of compromised computers in a second
network of computers, comprising: collecting Domain Name System (DNS) data for the …

Time zones play an important and unexplored role in malware epidemics. To understand
how time and location affect malware spread dynamics, we studied botnets, or large …

We propose a taxonomy of botnet structures, based on their utility to the botmaster. We
propose key metrics to measure their utility for various activities (eg, spam, ddos). Using …

Exploiting static configuration of networks and hosts has always been a great advantage for
design and launching of decisive attacks. Network reconnaissance of IP addresses and …

After many Internet-scale worm incidents in recent years, it is clear that a simple self-
propagating worm can quickly spread across the Internet and cause severe damage to our …

In recent years, fast spreading worms, such as Code Red, Slammer, Blaster and Sasser,
have become one of the major threats to the security of the Internet. In order to defend …

The static one-to-one binding of hosts to IP addresses allows adversaries to conduct
thorough reconnaissance in order to discover and enumerate network assets. Specifically …