@inproceedings{1de228e7440742229744baae753c7bbc,
title = "The detection of RCS worm epidemics",
abstract = "This paper discusses the problem of automatically detecting the existence of Random Constant Scanning (RCS) worm epidemics on the Internet by observing packet traffic in a local network. The propagation of the RCS worm is modelled as a simple epidemic. An optimal hypothesis-testing approach is presented to detect simple epidemics under idealized conditions baaed on the cumulative sums of log-likelihood ratios. It is shown that there are limitations on the ability of this optimal method to detect several important subclasses of RCS worm epidemics even under idealized conditions.",
keywords = "Experimentation, Security, Theory",
author = "Kurt Rohloff and Tamer Ba{\c s}ar",
year = "2005",
doi = "10.1145/1103626.1103642",
language = "English (US)",
isbn = "1595932291",
series = "WORM'05 - Proceedings of the 2005 ACM Workshop on Rapid Malcode",
pages = "81--86",
editor = "A.D. Keromytis",
booktitle = "WORM'05 - Proceedings of the 2005 ACM Workshop on Rapid Malcode",
note = "WORM'05 - 2005 ACM Workshop on Rapid Malcode ; Conference date: 11-11-2005 Through 11-11-2005",
}