research-article

The tale of the weather worm

Authors:

Jörg DenzingerAuthors Info & Claims

SAC '08: Proceedings of the 2008 ACM symposium on Applied computing

Pages 2097 - 2102

https://doi.org/10.1145/1363686.1364193

Published: 16 March 2008 Publication History

Abstract

How humans behave when faced with a disaster, natural or man-made, can be exploited automatically by news-aware malicious software. We introduce weather worms, worms that can automatically identify abnormal events and their location, and target computers at that physical location. Such worms could be used to take advantage of poorly-defended computers in a disaster zone, and could amplify the effects of a physical attack. Defenses against weather worms require examination of policy and presentation of information on the Internet.

References

[1]

R. Acton, N. Friess, and J. Aycock. Inverse geolocation: Worms with a sense of direction. In Malware '07, pages 487--493, 2007.

[2]

E. Amitay, N. Har'El, R. Sivan, and A. Soffer. Web-a-where: geotagging web content. In Proceedings of the 27th Annual International ACM SIGIR Conference on Research and development in Information Retrieval, pages 273--280, 2004.

Digital Library

[3]

D. Balz. For Bush's new direction, cooperation is the challenge. http://www.washingtonpost.com/wp-dyn/-content/article/2006/11/08/AR200611080 0489.html, Nov. 2006. Page as of 11-11-06.

[4]

S. Brin and L. Page. The anatomy of a large-scale hypertextual Web search engine. Computer Networks and ISDN Systems, 30(1--7):107--117, 1998.

Digital Library

[5]

S. Byers, A. D. Rubin, and D. Kormann. Defending against an Internet-based attack on the physical world. ACM Transactions on Internet Technology, 4(3):239--254, 2004.

Digital Library

[6]

Calgary Herald. War games: Tornado jets zoom out of Calgary as British troops train for combat. http://www.canada.com/calgaryherald/news/city/-story.html?id=32dad626-2a7d-497b-a369-64e2f68b91a3, Nov. 2006. Page as of 11-11-06.

[7]

F-Secure. Small. DAM. F-Secure Trojan Information Pages, 17 January 2007.

[8]

N. Friess, R. Vogt, and J. Aycock. Timing is everything. Computers & Security, 24(8):599--603, 2005.

Digital Library

[9]

J. Graham-Cumming. The spammer's compendium. http://www.jgc.org/tsc/.

[10]

Headquarters, Department of the Army. Information operations. Field manual No. 100--6, 27 August 1996. United States Army.

[11]

M. Hyponnen. F-Secure virus descriptions: Santy, 2004.

[12]

H. H. Lee, E.-C. Chang, and M. C. Chan. Pervasive random beacon in the Internet for covert coordination. In Information Hiding, 7th International Workshop, IH 2005 (LNCS 3727), pages 53--61, 2005.

Digital Library

[13]

C. D. Manning, P. Raghavan, and H. Schütze. Introduction to Information Retrieval. Cambridge University Press, 2007.

Digital Library

[14]

Z. J. Mason. CorMet: A computational, corpus-based conventional metaphor extraction system. Computational Linguistics, 30(1):23--44, 2004.

Digital Library

[15]

K. S. McCurley. Geospatial mapping and navigation of the Web. In Proceedings of the 10th international conference on World Wide Web, pages 221--229, 2001.

Digital Library

[16]

K. McKeown and D. R. Radev. Generating summaries of multiple news articles. In Proceedings of the 18th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pages 74--82, July 1995.

Digital Library

[17]

N. Provos, J. McClain, and K. Wang. Search worms. In WORM '06, pages 1--8, 2006.

Digital Library

[18]

D. V. Pynadath and M. Tambe. Multiagent teamwork: Analyzing the optimality and complexity of key theories and models. In Proceedings AAMAS 2002, pages 873--880, Bologna, 2002.

Digital Library

[19]

D. Rising. Storms in Europe kill 46, disrupt travel. Associated Press, 19 January 2007.

[20]

Spammer-X. Inside the SPAM Cartel. Syngress, 2004.

Digital Library

[21]

S. Staniford, D. Moore, V. Paxson, and N. Weaver. The top speed of flash worms. In Proceedings of the 2004 ACM Workshop on Rapid Malcode, pages 33--42, 2004.

Digital Library

[22]

S. Staniford, V. Paxson, and N. Weaver. How to Own the Internet in your spare time. In Proceedings of the 11th USENIX Security Symposium, 2002.

Digital Library

[23]

The Economist (U.S.). A cyber-riot; Estonia and Russia. 383(8528):55, 2007.

[24]

M. Vojnović and A. Ganesh. On the effectiveness of automatic patching. In Proceedings of the 2005 ACM Workshop on Rapid Malcode, pages 41--50, 2005.

Digital Library

[25]

L. von Ahn, M. Blum, N. J. Hopper, and J. Langford. CAPTCHA: Using hard AI problems for security. In Proceedings of EUROCRYPT 2003 (LNCS 2656), pages 294--311, 2003.

Digital Library

[26]

N. Weaver, V. Paxson, S. Staniford, and R. Cunningham. A taxonomy of computer worms. In WORM '03, pages 11--18, 2003.

Digital Library

[27]

W. Zong, D. Wu, A. Sun, E.-P. Lim, and D. H.-L. Goh. On assigning place names to geography related web pages. In JCDL '05: Proceedings of the 5th ACM/IEEE-CS Joint Conference on Digital Libraries, pages 354--362, 2005.

Digital Library

Cited By

Ali SMccorry PLee PHao F(2018)ZombieCoin 2.0International Journal of Information Security10.1007/s10207-017-0379-817:4(411-422)Online publication date: 1-Aug-2018
https://dl.acm.org/doi/10.1007/s10207-017-0379-8
Tang HHuang JWang W(2014)A game based passive worm defense model for P2P networksACM SIGAPP Applied Computing Review10.1145/2600617.260061914:1(20-29)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.1145/2600617.2600619
Tang HHuang JWang WSuen CAghdam AGuo MHong JNadimi E(2013)A novel passive worm defense model for multimedia sharingProceedings of the 2013 Research in Adaptive and Convergent Systems10.1145/2513228.2513237(293-299)Online publication date: 1-Oct-2013
https://dl.acm.org/doi/10.1145/2513228.2513237
Show More Cited By

Index Terms

The tale of the weather worm

Recommendations

Tracing Worm Break-In and Contaminations via Process Coloring: A Provenance-Preserving Approach

To detect and investigate self-propagating worm attacks against networked servers, the following capabilities are desirable: (1) raising timely alerts to trigger a worm investigation, (2) determining the break-in point of a worm, i.e. the vulnerable ...
Simulating realistic network worm traffic for worm warning system design and testing
WORM '03: Proceedings of the 2003 ACM workshop on Rapid malcode

Reproducing the effects of large-scale worm attacks in a laboratory setup in a realistic and reproducible manner is an important issue for the development of worm detection and defense systems. In this paper, we describe a worm simulation model we are ...
The Zotob Storm

Using Zotob worm outbreak as an example, Schneier discusses patches and security processes for preventing more worm outbreaks. Given that it's impossible to know what's coming beforehand, how you respond to an actual worm largely determines your defense'...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SAC '08: Proceedings of the 2008 ACM symposium on Applied computing

March 2008

2586 pages

ISBN:9781595937537

DOI:10.1145/1363686

Conference Chairs:
Roger L. Wainwright
University of Tulsa
,
Hisham M. Haddad
Kennesaw State University

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 March 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SAC '08

Sponsor:

SIGAPP

SAC '08: The 2008 ACM Symposium on Applied Computing

March 16 - 20, 2008

Fortaleza, Ceara, Brazil

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
227
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ali SMccorry PLee PHao F(2018)ZombieCoin 2.0International Journal of Information Security10.1007/s10207-017-0379-817:4(411-422)Online publication date: 1-Aug-2018
https://dl.acm.org/doi/10.1007/s10207-017-0379-8
Tang HHuang JWang W(2014)A game based passive worm defense model for P2P networksACM SIGAPP Applied Computing Review10.1145/2600617.260061914:1(20-29)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.1145/2600617.2600619
Tang HHuang JWang WSuen CAghdam AGuo MHong JNadimi E(2013)A novel passive worm defense model for multimedia sharingProceedings of the 2013 Research in Adaptive and Convergent Systems10.1145/2513228.2513237(293-299)Online publication date: 1-Oct-2013
https://dl.acm.org/doi/10.1145/2513228.2513237
Aycock JSullins J(2010)Ethical proactive threat researchProceedings of the 14th international conference on Financial cryptograpy and data security10.5555/1894863.1894884(231-239)Online publication date: 25-Jan-2010
https://dl.acm.org/doi/10.5555/1894863.1894884
Aycock JSullins J(2010)Ethical Proactive Threat ResearchFinancial Cryptography and Data Security10.1007/978-3-642-14992-4_21(231-239)Online publication date: 2010
https://doi.org/10.1007/978-3-642-14992-4_21

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten