From: Rosalia Tungaraza (rltungar@u.washington.edu)
Date: Wed Dec 01 2004 - 03:31:09 PST
This paper mainly talks about three major viruses that were able to infect
a large number of computers in recent years (Code Red I, Code Red II, and
Nimda). It outlines their modes of infection and spreading, an estimate of
their damage, and provides insight into how new techniques could be used
to build similar viruses. The techniques discussed were hit-list
scanning, permutation scanning, and Internet-sized hit-lists.
Apart from that, the paper also points out the need for a physical place
where experts in computer viruses could work together in both diagnosing
and preventing future occurrences of such code.
Among many other good points from this paper, I think, is the fact that the
authors acknowledge that presenting data obtained by the CDC publicly may,
contrary to the goals of the CDC, help computer virus developers (or
attackers) learn more efficient ways to write and propagate their code.
And yet, somehow this information needs to flow freely in the public if it
is to be efficient.
In the paper, the authors suggest some arenas for future work. One of them
is to keep discussions flowing about the pros and cons of a physical
center for computer virus analysis, detection, prevention, and cure (the
Cyber CDC). Towards that end they also suggest focusing discussions on how
"open" (public) data generated from that center should be.