An architecture for an email worm prevention system

Mohamed Mahmoud Taibah; Ehab Al-Shaer; Raouf Boutaba

doi:10.1109/SECCOMW.2006.359559

An architecture for an email worm prevention system

Mohamed Mahmoud Taibah, Ehab Al-Shaer, Raouf Boutaba

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

Email worms comprise the largest portion of Internet worms today. Previous research has shown that they are an effective vehicle to deliver malicious code to a large group of users. These worms spread rapidly using the email infrastructure, causing significant financial damage, network congestion, and privacy invasion. We present a dynamic architecture to proactively defend a protected domain against email worms. This architecture integrates concepts from the areas of Markov decision processes, Rabin fingerprinting and honeypots to inspect, detect, and quarantine unknown email worms in a timely manner. We also present the results of several simulation experiments to evaluate the effectiveness of the architecture under different environment conditions.

Original language	English
Title of host publication	2006 Securecomm and Workshops
DOIs	https://doi.org/10.1109/SECCOMW.2006.359559
State	Published - 2006
Externally published	Yes
Event	2006 Securecomm and Workshops - Baltimore, MD, United States Duration: 28 Aug 2006 → 1 Sep 2006

Publication series

Name	2006 Securecomm and Workshops

Conference

Conference	2006 Securecomm and Workshops
Country/Territory	United States
City	Baltimore, MD
Period	28/08/06 → 1/09/06

ASJC Scopus subject areas

Computer Networks and Communications
Communication

Access to Document

10.1109/SECCOMW.2006.359559

Cite this

@inproceedings{c8ad8ed16eeb4637b9ea0bd1355314db,

title = "An architecture for an email worm prevention system",

abstract = "Email worms comprise the largest portion of Internet worms today. Previous research has shown that they are an effective vehicle to deliver malicious code to a large group of users. These worms spread rapidly using the email infrastructure, causing significant financial damage, network congestion, and privacy invasion. We present a dynamic architecture to proactively defend a protected domain against email worms. This architecture integrates concepts from the areas of Markov decision processes, Rabin fingerprinting and honeypots to inspect, detect, and quarantine unknown email worms in a timely manner. We also present the results of several simulation experiments to evaluate the effectiveness of the architecture under different environment conditions.",

author = "Taibah, {Mohamed Mahmoud} and Ehab Al-Shaer and Raouf Boutaba",

year = "2006",

doi = "10.1109/SECCOMW.2006.359559",

language = "English",

isbn = "1424404231",

series = "2006 Securecomm and Workshops",

booktitle = "2006 Securecomm and Workshops",

note = "2006 Securecomm and Workshops ; Conference date: 28-08-2006 Through 01-09-2006",

}

TY - GEN

T1 - An architecture for an email worm prevention system

AU - Taibah, Mohamed Mahmoud

AU - Al-Shaer, Ehab

AU - Boutaba, Raouf

PY - 2006

Y1 - 2006

N2 - Email worms comprise the largest portion of Internet worms today. Previous research has shown that they are an effective vehicle to deliver malicious code to a large group of users. These worms spread rapidly using the email infrastructure, causing significant financial damage, network congestion, and privacy invasion. We present a dynamic architecture to proactively defend a protected domain against email worms. This architecture integrates concepts from the areas of Markov decision processes, Rabin fingerprinting and honeypots to inspect, detect, and quarantine unknown email worms in a timely manner. We also present the results of several simulation experiments to evaluate the effectiveness of the architecture under different environment conditions.

AB - Email worms comprise the largest portion of Internet worms today. Previous research has shown that they are an effective vehicle to deliver malicious code to a large group of users. These worms spread rapidly using the email infrastructure, causing significant financial damage, network congestion, and privacy invasion. We present a dynamic architecture to proactively defend a protected domain against email worms. This architecture integrates concepts from the areas of Markov decision processes, Rabin fingerprinting and honeypots to inspect, detect, and quarantine unknown email worms in a timely manner. We also present the results of several simulation experiments to evaluate the effectiveness of the architecture under different environment conditions.

UR - http://www.scopus.com/inward/record.url?scp=50049084766&partnerID=8YFLogxK

U2 - 10.1109/SECCOMW.2006.359559

DO - 10.1109/SECCOMW.2006.359559

M3 - Conference contribution

AN - SCOPUS:50049084766

SN - 1424404231

SN - 9781424404230

T3 - 2006 Securecomm and Workshops

BT - 2006 Securecomm and Workshops

T2 - 2006 Securecomm and Workshops

Y2 - 28 August 2006 through 1 September 2006

ER -

An architecture for an email worm prevention system

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this