Boundary detection and containment of local worm infections
Diego Zamboni, James Riordan, et al.
SRUTI 2007
IBM Zurich Research Laboratory is working on a remedy for worms that differs from other approaches in targeting worms specifically. Called Billy Goat, the system is a specialized worm-detection system running on a dedicated machine connected to the network and detects worm-infected machines anywhere in it. The system functions by creating a virtual environment for the worms. By providing feigned services as well as recording connection attempts, Billy Goat trick worms into revealing their identity. When the worm tries to infect Billy Goat, its identity and address get recorded and immediately reported to the network administrator.
Diego Zamboni, James Riordan, et al.
SRUTI 2007
Martim Carbone, Wenke Lee, et al.
IEEE Security and Privacy
Markus Stolze, René Pawlitzek, et al.
IT-Incident Management & IT-Forensics 2003
James Riordan, Andreas Wespi, et al.
IEEE Spectrum