Crisis and aftermath

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Crisis and aftermath

Full text

Pdf (1.18 MB)

Source

Communications of the ACM archive
Volume 32 , Issue 6 (June 1989) table of contents

Pages: 678 - 687

Year of Publication: 1989

ISSN:0001-0782

Author

E. H. Spafford

Purdue Univ., West Lafayette, IN

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 18, Downloads (12 Months): 119, Citation Count: 32

Additional Information:

abstract references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/63526.63527 What is a DOI?

ABSTRACT

Last November the Internet was infected with a worm program that eventually spread to thousands of machines, disrupting normal activities and Internet connectivity for many days. The following article examines just how this worm operated.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Allman, E. Sendmait--An internetwork mail router. University of California, Berkeley, (issued with the BSD UNIX documentation), 1983.
	2	Denning, P. The Internet worm. Amer. Sci. 77, 2 (Mar.-Apr. 1989}, 126-128.
	3	Eichen, M.W., and Rochlis, J.A. With microscope and tweezers: An analysis of the Internet virus of November 1988. In Proceedings of the Symposium on Research in Security and Privacy (May 1989}. IEEE-CS, Oakland, Calif.
	4	Grampp, F.T., and Morris, R.M. UNIX operating system security. AT&T Bell Laboratories Tech. J. 63, 8, part 2 (Oct. 1984}, 1649-1672.
	5	Harrenstien, K. Name/Finger. RFC 742, SRI Network Information Center, Dec. 1977.
	6	King, K.M. Overreaction to external attacks on computer systems could be more harmful than the viruses themselves. Chronicle of Higher Education (Nov. 23, 1988), A36.
	7	Bryan Kocher, President's letter, Communications of the ACM, v.32 n.1, p.3-ff., Jan. 1989 [doi>10.1145/63238.315910]
	8	Robert Morris , Ken Thompson, Password security: a case history, Communications of the ACM, v.22 n.11, p.594-597, Nov. 1979 [doi>10.1145/359168.359172]
	9	Postel, J.B. Simple mail transfer protocol. RFC 821, SRI Network Information Center, Aug. 1982.
	10	Proceedings of the virus post-mortem meeting. National Computer Security Center, Ft. George Meade, MD, Nov. 8, 1988.
	11	Brian Reid, Lessons from the UNIX breakins at Stanford, ACM SIGSOFT Software Engineering Notes, v.11 n.5, p.29-35, Oct. 1986 [doi>10.1145/382298.382364]
	12	Brian Reid, Viewpoint, Communications of the ACM, v.30 n.2, p.103-105, Feb. 1987 [doi>10.1145/12527.315716]
	13	Ritchie, D.M. On the security of UNIX. In UNIX Supplementary Documents. AT&T, 1979.
	14	Royko, M. Here's how to stop computer vandals. Chicago Tribune, (Nov. 6, 1988).
	15	Seeley, D. A tour of the worm. In Proceedings of the 1989 Winter USENIX Conference. USENIX Association, San Diego, Calif., Feb. 1989.
	16	Eugene H. Spafford, The internet worm program: an analysis, ACM SIGCOMM Computer Communication Review, v.19 n.1, p.17-57, Jan. 1989 [doi>10.1145/66093.66095]
	17	Spafford, E.H. Some musings on ethics and computer breakins. In Proceedings of the Winter USENIX Conference. USENIX Association, San Diego, Calif., Feb. 1989.
	18	Steiner, J., Neuman, C., and Schiller, J. Kerberos: An authentication service for open network systems. In Proceedings of the Winter USENIX Association Conference, Feb. 1988, pp. 191-202.
	19	Uncle Sam's anti-virus corps. UNIX Today!. (Jan. 23, 1989), 1o.

CITED BY 32

	Barton P. Miller , Louis Fredriksen , Bryan So, An empirical study of the reliability of UNIX utilities, Communications of the ACM, v.33 n.12, p.32-44, Dec. 1990
	Michael F. Schwartz , David C. M. Wood, Discovering shared interests using graph analysis, Communications of the ACM, v.36 n.8, p.78-89, Aug. 1993
	M. Frans Kaashoek , Robbert van Renesse , Hans van Staveren , Andrew S. Tanenbaum, FLIP: an internetwork protocol for supporting distributed systems, ACM Transactions on Computer Systems (TOCS), v.11 n.1, p.73-106, Feb. 1993
	Dorothy E. Denning, The United States vs. Craig Neidorf: A debate on electronic publishing, Constitutional rights and hacking, Communications of the ACM, v.34 n.3, p.22-43, March 1991
	Paul Eggert, Toward special-purpose program verification, ACM SIGSOFT Software Engineering Notes, v.15 n.4, p.25-29, Sep. 1990
	Nathanial S. Borenstein, Computational mail as network infrastructure for computer-supported cooperative work, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.67-74, November 01-04, 1992, Toronto, Ontario, Canada
	Massimo Bernaschi , Emanuele Gabrielli , Luigi V. Mancini, Remus: a security-enhanced operating system, ACM Transactions on Information and System Security (TISSEC), v.5 n.1, p.36-61, February 2002
	Rolf Oppliger, Internet security: firewalls and beyond, Communications of the ACM, v.40 n.5, p.92-102, May 1997
	Richard Baskerville, Information systems security design methods: implications for information systems development, ACM Computing Surveys (CSUR), v.25 n.4, p.375-414, Dec. 1993
	Carl E. Landwehr , Alan R. Bull , John P. McDermott , William S. Choi, A taxonomy of computer program security flaws, ACM Computing Surveys (CSUR), v.26 n.3, p.211-254, Sept. 1994
	Gregory B. White, An organizational approach to computer security, ACM SIGSAC Review, v.8 n.1, p.9-16, April 1990
	Thomas S. Ray, An evolutionary approach to synthetic biology: zen in the art of creating life, Advances in evolutionary computing: theory and applications, Springer-Verlag New York, Inc., New York, NY, 2003
	Mustaque Ahamad , Leo Mark , Wenke Lee , Edward Omicienski , Andre dos Santos , Ling Liu , Calton Pu, Guarding the next Internet frontier: countering denial of information attacks, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia
	John C. Nash, A hypertext environment for using mathematical software: part 1—motivations and design objectives, ACM SIGNUM Newsletter, v.25 n.3, p.2-14, Jul. 1990
	Wu-chang Feng, The case for TCP/IP puzzles, ACM SIGCOMM Computer Communication Review, v.33 n.4, October 2003
	Xin Zhao , Kevin Borders , Atul Prakash, SVGrid: a secure virtual environment for untrusted grid applications, Proceedings of the 3rd international workshop on Middleware for grid computing, p.1-6, November 28-December 02, 2005, Grenoble, France
	Udi Manber, Chain Reactions in Networks, Computer, v.23 n.10, p.57-63, October 1990
	Julie Thorpe , P. C. van Oorschot , Anil Somayaji, Pass-thoughts: authenticating with our minds, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
	Cliff C. Zou , Don Towsley , Weibo Gong, On the performance of internet worm scanning strategies, Performance Evaluation, v.63 n.7, p.700-723, July 2006
	Moshe Zviran , William J. Haga, Password security: an empirical study, Journal of Management Information Systems, v.15 n.4, p.161-185, March 1999
	Peter G. Neumann, System and network trustworthiness in perspective, Proceedings of the 13th ACM conference on Computer and communications security, p.1-5, October 30-November 03, 2006, Alexandria, Virginia, USA
	Guanling Chen , Robert S. Gray, Simulating non-scanning worms on peer-to-peer networks, Proceedings of the 1st international conference on Scalable information systems, p.29-es, May 30-June 01, 2006, Hong Kong
	Sumeet Singh , Cristian Estan , George Varghese , Stefan Savage, Automated worm fingerprinting, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.4-4, December 06-08, 2004, San Francisco, CA
	Andrew Blyth , Paula Thomas, Performing real-time threat assessment of security incidents using data fusion of IDS logs, Journal of Computer Security, v.14 n.6, p.513-534, November 2006
	George Fink , Matt Bishop, Property-based testing: a new approach to testing for assurance, ACM SIGSOFT Software Engineering Notes, v.22 n.4, p.74-80, July 1997
	Richard C. Hollinger, Hackers: computer heroes or electronic highwaymen?, ACM SIGCAS Computers and Society, v.21 n.1, p.6-17, June 1991
	Carol J. Orwant, Computer ethics—part of computer science!, ACM SIGCAS Computers and Society, v.21 n.2-4, p.40-45, Oct. 1991
	P. C. van Oorschot , Julie Thorpe, On predictive models and user-drawn graphical passwords, ACM Transactions on Information and System Security (TISSEC), v.10 n.4, p.1-33, January 2008
	Eugene H. Spafford, Inspiration and trust, Communications of the ACM, v.51 n.1, January 2008
	Luca Carettoni , Claudio Merloni , Stefano Zanero, Studying Bluetooth Malware Propagation: The BlueBag Project, IEEE Security and Privacy, v.5 n.2, p.17-25, March 2007
	Manuel Costa , Jon Crowcroft , Miguel Castro , Antony Rowstron , Lidong Zhou , Lintao Zhang , Paul Barham, Vigilante: End-to-end containment of Internet worm epidemics, ACM Transactions on Computer Systems (TOCS), v.26 n.4, p.1-68, December 2008
	Ian H. Witten , Harold Thimbleby, Virus, computer, Encyclopedia of Computer Science, 4th edition, John Wiley and Sons Ltd., Chichester, 2003

INDEX TERMS

Primary Classification:
K. Computing Milieux
K.4 COMPUTERS AND SOCIETY
K.4.2 Social Issues
Subjects: Abuse and crime involving computers**

Additional Classification:
K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
K.6.m Miscellaneous
Subjects: Security*
K.7 THE COMPUTING PROFESSION
K.7.m Miscellaneous
Subjects: Ethics**

General Terms:
Design, Management, Performance, Security

REVIEW

"Thomas C. Richards : Reviewer"

This paper contains a detailed analysis of the Internet worm incident, which occurred in November 1988. During the evening of November 2 the worm spread quickly to Sun 3 systems and VAX computers running 4 BSD UNIX. As time went on these machine more...

Collaborative Colleagues:

E. H. Spafford: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player