- Title
- A source analysis of the conficker outbreak from a network telescope.
- Creator
- Irwin, Barry V W
- Subject
- To be catalogued
- Date Issued
- 2013
- Date
- 2013
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/429742
- Identifier
- vital:72636
- Identifier
- 10.23919/SAIEE.2013.8531865
- Description
- This paper discusses a dataset of some 16 million packets targeting port 445/tcp collected by a network telescope utilising a /24 netblock in South African IP address space. An initial overview of the collected data is provided. This is followed by a detailed analysis of the packet characteristics observed, including size and TTL. The peculiarities of the observed target selection and the results of the flaw in the Conficker worm's propagation algorithm are presented. An analysis of the 4 million observed source hosts is reported, grouped by both packet counts and the number of distinct hosts per network address block. Address blocks of size /8, 16 and 24 are used for groupings. The localisation, by geographic region and numerical proximity, of high ranking aggregate netblocks is highlighted. The observed shift in geopolitical origins observed during the evolution of the Conficker worm is also discussed. The paper concludes with some overall analyses, and consideration of the application of network telescopes to the monitoring of such outbreaks in the future.
- Format
- 16 pages
- Format
- Language
- English
- Relation
- SAIEE Africa Research Journal
- Relation
- Irwin, B., 2013. A source analysis of the conficker outbreak from a network telescope. SAIEE Africa Research Journal, 104(2), pp.38-53
- Relation
- SAIEE Africa Research Journal volume 104 number 2 38 53 2013 1991-1696
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)
- Hits: 104
- Visitors: 108
- Downloads: 6
Collections
Irwin, Barry V W (Prof)
RU Department of Computer Science
SDG 09. Industry, Innovation and Infrastructure
| Thumbnail | File | Description | Size | Format | |||
|---|---|---|---|---|---|---|---|
| View Details Download | SOURCE1 | A source analysis of the conficker outbreak from a network telescope.pdf | 684 KB | Adobe Acrobat PDF | View Details Download |